Fortinet FortiAuthenticator-200D FAC-200D Manuale Utente
Codici prodotto
FAC-200D
3
Additional Functionality
Strong User Identity with Two-factor Authentication
FortiAuthenticator extends two-factor authentication
capability to multiple FortiGate appliances and to third party
solutions that support RADIUS or LDAP authentication.
User identity information from FortiAuthenticator combined
with authentication information from FortiToken ensures
that only authorized individuals are granted access to your
organization’s sensitive information. This additional layer of
security greatly reduces the possibility of data leaks while
helping companies meet audit requirements associated
with government and business privacy regulations.
FortiAuthenticator supports the widest range of tokens
possible to suit your user requirements. With the physical
time based FortiToken-200, FortiToken Mobile (for iOS and
Android), e-mail and SMS tokens, FortiAuthenticator has
a token options for all users and scenarios. Two-factor
authentication can be used to control access to applications
such as FortiGate management, SSL and IPSEC VPN,
Wireless Captive Portal login and third party, RADIUS
compliant networking equipment.
FortiAuthenticator extends two-factor authentication
capability to multiple FortiGate appliances and to third party
solutions that support RADIUS or LDAP authentication.
User identity information from FortiAuthenticator combined
with authentication information from FortiToken ensures
that only authorized individuals are granted access to your
organization’s sensitive information. This additional layer of
security greatly reduces the possibility of data leaks while
helping companies meet audit requirements associated
with government and business privacy regulations.
FortiAuthenticator supports the widest range of tokens
possible to suit your user requirements. With the physical
time based FortiToken-200, FortiToken Mobile (for iOS and
Android), e-mail and SMS tokens, FortiAuthenticator has
a token options for all users and scenarios. Two-factor
authentication can be used to control access to applications
such as FortiGate management, SSL and IPSEC VPN,
Wireless Captive Portal login and third party, RADIUS
compliant networking equipment.
To streamline local user management, FortiAuthenticator
includes user self-registration and password recovery features.
includes user self-registration and password recovery features.
Enterprise Certificate Based VPNs
Site-to-site VPNs often provide access direct to the heart of
the enterprise network from many remote locations. Often
these VPNs are secured simply by a preshared key, which,
if compromised, could give access to the whole network.
FortiOS support certificate-based VPNs; however, use of
certificate secured VPNs has been limited, primarily due
to the overhead and complexity introduced by certificate
management. FortiAuthenticator removes this overhead
involved by streamlining the bulk deployment of certificates
for VPN use in a FortiGate environment by cooperating with
FortiManager for the configuration and automating the secure
certificate delivery via the SCEP protocol.
Site-to-site VPNs often provide access direct to the heart of
the enterprise network from many remote locations. Often
these VPNs are secured simply by a preshared key, which,
if compromised, could give access to the whole network.
FortiOS support certificate-based VPNs; however, use of
certificate secured VPNs has been limited, primarily due
to the overhead and complexity introduced by certificate
management. FortiAuthenticator removes this overhead
involved by streamlining the bulk deployment of certificates
for VPN use in a FortiGate environment by cooperating with
FortiManager for the configuration and automating the secure
certificate delivery via the SCEP protocol.
For client-based certificate VPNs, certificates can be created
and stored on the FortiToken300 USB Certificate store. This
secure, pin protected certificate store is compatible with
FortiClient and can be used to enhance the security of client
VPN connections in conjunction with FortiAuthenticator.
and stored on the FortiToken300 USB Certificate store. This
secure, pin protected certificate store is compatible with
FortiClient and can be used to enhance the security of client
VPN connections in conjunction with FortiAuthenticator.
RADIUS Accounting Login
In a network which utilizes RADIUS authentication (e.g. wireless or VPN
authentication), RADIUS Accounting can be used as a user identification method.
This information is used to trigger user login and to provide IP and group
information, removing the need for a second tier of authentication.
authentication), RADIUS Accounting can be used as a user identification method.
This information is used to trigger user login and to provide IP and group
information, removing the need for a second tier of authentication.
Additional Features & Benefits
RADIUS and LDAP User Authentication
Local Authentication database with RADIUS and LDAP interfaces centralizes user management.
Wide Range of Strong
Authentication Methods
Authentication Methods
Strong authentication provided by FortiAuthenticator via hardware tokens, e-mail, SMS, e-mail and
digital certificates help to enhance password security and mitigate the risk of password disclosure,
replay or brute forcing.
digital certificates help to enhance password security and mitigate the risk of password disclosure,
replay or brute forcing.
User Self-registration and
Password Recovery
Password Recovery
Reduces the need for administrator intervention by allowing the user to perform their own registration
and resolve their own password issues, which also improves user satisfaction.
and resolve their own password issues, which also improves user satisfaction.
Integration with Active Directory
and LDAP
and LDAP
Integration with existing directory simplifies deployment, speeds up installation times and reutilizes
existing development.
existing development.
Certificate Management
Streamlined certificate management enables rapid, cost-effective deployment of certificate-based
authentication methods such as VPN.
authentication methods such as VPN.
802.1X Authentication
Deliver enterprise port access control to validate users connection to the LAN and Wireless LAN to
prevent unauthorized access to the network.
prevent unauthorized access to the network.
highlights