Fortinet Server Authentication Extension - FSAEIntegrates Authentication with FortiGate Security for the mobile work force Corporate employees require access to corporate resource and information no matter where they are and what devices they are using. The traditional ways of applying security protection base on user IP address is not longer feasible as the user IP address is more dynamic then ever. The ability to provide customizable protection base on single user login credential is critical component to network administrator to deliver corporate resources and information to employees regardless of where they are and how they are accessing them.

Integrates Security with AuthenticationFortinet Server Authentication Extension (FSAE) connects the Fortinet security appliances (FortiGate) to the corporate authentication servers, such as Microsoft Active Directory, allowing security policy to be defined base on the user information resides on the authentication servers. FSAE, a component installed on the authentication server or a standalone server, provides users authentication information to the Fortinet security appliances so user can automatically gain access to the permitted resources with a single login.

The latest FSAE version supports two different operation modes for maximum fexibility:

Domain Controller Agent Mode - FASE agents are installed on the Domain Controllers to monitor user logons. Information is aggregated by the collector agent and then forward to the FortiGate appliance

Polling Mode - where FSAE agent is installed on a separate server and poll user information from the authentication servers. This reduces the number for FSAE installation in cooperation where multiple domain controllers are used.

FSAE supports Microsoft Windows Active Directory (AD) and Novell networks using either Lightweight Directory Access Protocol (LDAP) or Novell API. FSAE also supports Windows NTLM authentication protocol where installation of FSAE agent on the AD server is not an option.

FSAE is available for download through Fortinet Support web site (support.fortinet.com) for users with valid registeration.

The FortiGate Product Family: Integrated Multi-Threat Protection

The FortiGate product family provides cost-effective, comprehensive protection against network, content, and application-level threats. It defends your environment from complex, sophisticated attacks without degrading network availability and affecting application performance.

FortiGate platforms combine the purpose-built FortiOS™ security operating system with custom FortiASIC processors and other hardware to provide a comprehensive and high-performance array of security and networking functions.

The FortiGate product family delivers the highest level of network, content, and application security for enterprises of all sizes, while reducing total cost of ownership. With Fortinet, you deploy the network security you need to protect your intellectual property, preserve the privacy of critical customer information, and maintain regulatory compliance.

Features Benefits

Industry CertificationSeamlessly integrates FortiGates with Windows AD and Novell

Enables customizable security policy base on user login credential

Single User Sign-on to both network and server authentication

Identity base security regardless of how and where user access the network

Compatible with some of the most popular authentications servers for enterprise network

Security policy can be defined base on user, user group or domain rather than relying on the user IP address

Drastically improve usability by reducing the numbers of user logins

Mobile users or telecommunters can access the same information and resource as they are in the office.

DATASHEET

Copyright© 2009 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, and FortiGuard®, are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance metrics contained herein were attained in internal lab tests under ideal conditions. Network variables, different network environments and other conditions may affect performance results, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding contract with a purchaser that expressly warrants that the identified product will perform according to the performance metrics herein. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any guarantees. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable. Certain Fortinet products are licensed under U.S. Patent No. 5,623,600.

GLOBAL HEADQUARTERSFortinet Incorporated 1090 Kifer Road, Sunnyvale, CA 94086 USA Tel +1.408.235.7700 Fax +1.408.235.7737 www.fortinet.com/sales

EMEA SALES OFFICE – FRANCEFortinet Incorporated120 rue Albert Caquot06560, Sophia Antipolis, FranceTel +33.4.8987.0510Fax +33.4.8987.0501

APAC SALES OFFICE – SINGAPOREFortinet Incorporated61 Robinson Road, #09-04 Robinson CentreSingapore 068893Tel +65-6513-3730Fax +65-6223-6784

FortiGuard® Security Subscription Services deliver dynamic, automated updates for Fortinet products. The Fortinet Global Security Research Team creates these updates to ensure up-to-date protection against sophisticated threats. Subscriptions include antivirus, intrusion prevention, web filtering, antispam, vulnerability and compliance management, application control, and database security services.

FortiCare™ Support Services provide global support for all Fortinet products and services. FortiCare support enables your Fortinet products to perform optimally. Support plans start with 8x5 Enhanced Support with “return and replace” hardware replacement or 24x7 Comprehensive Support with advanced replacement. Options include Premium Support, Premium RMA, and Professional Services. All hardware products include a 1-year limited hardware warranty and 90-day limited software warranty.

FSAE-DAT-R1-201001

FortiOS 4.0: Redefining Network SecurityFortiOS 4.0 is the software foundation of FortiGate multi-threat security platforms. Developed solely for security, performance and reliability, it is a purpose-built operating system that leverages power of the FortiASIC content and network processors. FortiOS software enables a comprehensive suite of security services: Firewall, VPN, intrusion prevention, antivirus/antispyware, antispam, web filtering, application control, data loss prevention, and end point network access control.

Fortinet’s ASIC-Based AdvantageFortiASIC is the foundation of Fortinet’s unique hardware technology. FortiASIC is a family of purpose built, high-performance network and content processors that uses an intelligent proprietary content scanning engine and multiple algorithms to accelerate compute-intensive security services. FortiASIC provides the performance required to deliver enterprise and carrier-class UTM services. Coupled with the FortiOS security hardened Operating System, FortiASIC delivers extreme performance and security.

Fortinet Server Authentication Extenstion - FSAE

Supported Operating SystemsMicrosoft Windows 2008 Server (32 or 64 bit)Microsoft Windows 2003 Server (32 or 64-bit)

Novell E-directory 8.8

Authentication Servers SupportedWindows Active Directory

Novell Networks

Authentication Protocols SupportedLightweight Directory Access Protocol (LDAP)

NTLMNovell API

Operation ModesDomain Controller Agent Mode

Polling Mode