New Features – Authentication

Authentication RADIUS Framed-IP into accounting packets (234003 189828) RADIUS attributes, including NAS-IP-Address, Called-Station-ID, Framed-IP-Address, and Event-Timestamp, are supported. Include RADIUS attribute CLASS in all accounting requests (290577) RADIUS attribute CLASS in accounting requests for firewall, WiFi, and proxy authentication is now supported. RADIUS attribute CLASS is returned in Access-Accept message and it is added to […]

Traffic Shaping Policies

Traffic Shaping Policies New Traffic Shaper Policy Configuration Method (269943) Previously, traffic shapers were configured in Policy & Objects > Objects > Traffic Shapers and then applied in security policies under Policy & Objects > Policy > IPv4 . In FortiOS 5.4, traffic shapers are now configured in a new traffic shaping section in Policy […]

FortiBridge 4.0 Administration Guide

Introduction FortiBridge enables you to add traffic monitoring and security devices to your network, without any loss in network integrity. FortiBridge supports two normal modes of operation: inline mode and TAP mode. Inline mode supports network configurations that require in-line monitoring/security devices. TAP mode supports various traffic TAP configurations, where the main network path is […]

RADIUS Single Sign On – FortiAuthenticator 4.0

RADIUS Single Sign-On A FortiGate or FortiMail unit can transparently identify users who have already authenticated on an external RADIUS server by parsing RADIUS accounting records. However, this approach has potential difficulties: The RADIUS server is business-critical IT infrastructure, limiting the changes that can be made to the server configuration. In some cases, the server […]

Fortinet Single Sign On – FortiAuthenticator 4.0

Fortinet Single Sign-On FSSO is a set of methods to transparently authenticate users to FortiGate and FortiCache devices. This means that the FortiAuthenticator unit is trusting the implicit authentication of a different system, and using that to identify the user. FortiAuthenticator takes this framework and enhances it with several authentication methods: Users can authenticate through […]

Port Based Network Access Control – FortiAuthenticator 4.0

Port-based Network Access Control Port-based Network Access Control (PNAC), or 802.1X, authentication requires a client, an authenticator, and an authentication server (such as a FortiAuthenticator device). The client is a device that wants to connect to the network. The authenticator is simply a network device, such as a wireless access point or switch. The authentication […]

FortiAuthenticator 4.0 Setup

Setup For information about installing the FortiAuthenticator unit and accessing the CLI or GUI, refer to the Quick Start Guide provided with your unit. This chapter provides basic setup information for getting started with your FortiAuthenticator device. For more detailed information about specific system options, see System on page 23. The following topics are included […]