Overview
FortiAuthenticator - Access Management establishing Identity for the Security Fabric
FortiAuthenticator builds on the foundations of Fortinet Single Sign-on providing secure identity and role-based access to the Fortinet connected network. Through integration with existing Active Directory or LDAP authentication systems, it enables enterprise user identity based security without impeding the user or generating work for network administrators.
FortiAuthenticator is the gatekeeper of authorization into the Fortinet secured enterprise network identifying users, querying access permissions from third-party systems and communicating this information to FortiGate devices for use in Identity-Based Policies. FortiAuthenticator delivers transparent identification via a wide range of methods: *Polling of an Active Directory Domain Controller; *Integration with FortiAuthenticator Single Sign-On Mobility Agent which detects login, IP address changes and logout; *RADIUS Accounting *SAML SP/IdP Web SSO
Key FortiAuthenticator Features *Seamless secure two-factor/OTP authentication across the organization in conjunction with FortiToken *RADIUS and LDAP Authentication *Certificate management for enterprise wireless and VPN deployment *Guest management for wired and wireless network security *Single Sign On capabilities for both internal and cloud networks
Highlights
- Ability to transparently identify network users and enforce identity-driven policy on a Fortinet-enabled enterprise network
- Guest management for wired and wireless network security
- Single Sign On capabilities for both internal and cloud networks
Details
Pricing
Additional AWS infrastructure costs
Type | Cost |
|---|---|
EBS General Purpose SSD (gp2) volumes | $0.10/per GB/month of provisioned storage |
Vendor refund policy
This is a BYOL product - there are no refund and cancellation policies applied.
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Additional details
Usage instructions
After deploying the instance, click on Manage in AWS Console to see the running instance and public IPv4 address/Public DNS (IPv4) to continue the configuration of the FortiAuthenticator-VM (FAC-VM). In order to access the Web GUI, Configuration should be done through CLI. Connect FAC-VM CLI by SSH using "ssh -i <pem file> admin@<Public IP address>" in Linux. After login in, reset admin password to pwd by executing "execute restore-admin <pwd>". Allow host also should be set. By executing "config system global" to enter the system global configuration mode, afterward, executing "set allowed-hosts <public IPv4 address of FAC>" to set the allowed host so that FAC WEB-GUI can be accessed through https://<public IPv4 address of FAC>. Similarly, execute "set allowed-hosts <Public DNS (IPv4)>" enabling the access through https://<Public DNS (IPv4)>.
Detailed FortiAuthenticator-VM AWS Install and Configure guide is located at https://docs.fortinet.com/fortiauthenticator
Update the FortiAuthenticator in AWS is the same as all FortiAuthenticator platforms. You need to log into your FortiCare account at the https://support.fortinet.com , choose the download link and retrieve the proper upgrade file (.out) you wish to upgrade to. The file is introduced via the Web UI or the CLI.
Resources
Vendor resources
Support
Vendor support
Fortinet FortiCare support offerings provide global support for all Fortinet products and services. With FortiCare support, customers can be assured that their Fortinet security products are performing optimally and protecting their corporate assets with the best security technology at the best possible price. FortiCare 24x7 Comprehensive Support includes firmware updates, online ticket access, online chat and 24x7 telephone support at any time day or night.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Customer reviews
A powerful Fortinet authenticator tool!
-easy to set up and understand
-security policies can be changes as per requirements.
- light-weight in terms of file size hence takes less space
Great for MFA
we use fortiauthenticator for sslvpn management with active directory and MFA.
this gives us centralized management of Ad and MFA accounts.
link to another fortinet product or other manufacturer.
we can also do 802.1X for PC and laptop authentication
the licensing system is also complex because depending on the choice of implementation it can quickly become very complex