FortiAuthenticator user identity management appliances strengthen enterprise
security by simplifying and centralizing the management and storage of user
Enterprise Network Identity Policy
Network and Internet access is key for almost every role within the enterprise; however,
this requirement must be balanced with the risk that it brings. The key objective of
every enterprise is to provide secure but controlled network access enabling the right
person the right access at the right time, without compromising on security.
Fortinet Single Sign-On is the method of providing secure identity and role-based access
to the Fortinet connected network. Through integration with existing Active Directory or
LDAP authentication systems, it enables enterprise user identity based security without
impeding the user or generating work for network administrators. FortiAuthenticator
builds on the foundations of Fortinet Single Sign-on, adding a greater range of user
identification methods and greater scalability. FortiAuthenticator is the gatekeeper of
authorization into the Fortinet secured enterprise network identifying users, querying
access permissions from third party systems and communicating this information to
FortiGate devices for use in Identity-Based Policies.
FortiAuthenticator delivers transparent identification via a wide range of methods:
• Polling of an Active Directory Domain Controller;
• Integration with FortiAuthenticator Single Sign-On Mobility Agent which detects
login, IP address changes and logout;
• FSSO Portal based authentication with tracking widgets to reduce the need for
• Monitoring of RADIUS Accounting Start records.