FortiGate Firewall: Why use Fortinet Single Sign On (FSSO)? What are the benefits!

Просмотров 3,2 тыс.

% 67

Continuing on from previous videos we explain why it's important to use Fortinet Single Sign-On (FSSO) in doing so you are creating a link between your Active Directory environment and your Next Generation Firewall Appliance (NGFW) once you do this your logs won't look so messy and you will be able to build out really granular security policies and the Users and Groups you create within your AD environment will be understood by the FortiGate firewall.
// Time Stamps //
00:00 - Video Introduction / Reference to previous videos
01:10 - What does FSSO do?
01:40 - Bad example (No FSSO)
02:40 - Good FSSO Example
03:32 - Channel update how you can help me?
04:17 - Security Fabric Connector (Pulling groups from AD)
04:54 - Using these groups in Firewall Policy
07:14 - Why it is super important from a logging prospective
08:02 - How can FSSO be deployed?
08:52 - FortiClient and the FSSOMA
10:18 - FortiAuthenticator licencing around FSSOMA
10:54 - Video summary
// Chris SOCIAL //
www.linkedin.com/in/chris-eddisford-5b676462/
// Keywords //
Fortinet
FortiGate
Fortinet Single Sign On (FSSO)
Fortigate Firewall Configuration
Automation
Notification
Fortinet Fabric
Fortinet how to
Fortinet guide
Fortinet network security
Cybersecurity
// HashTags //
#cybersecurity
#networking
#fortinet

Опубликовано:

21 авг 2023

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 21

@leelidbetter4286 3 месяца назад

Subscribed - great video

@FortiBytes 3 месяца назад

Awesome, thank you!

@buraksahin7297 Год назад

Thank you for the video

@FortiBytes Год назад

Your very welcome. Let me know if there is anything specific you’d like to see.

@buraksahin7297 Год назад

Hi again@@FortiBytes I would love to see ZTNA videos more, from basic configuration steps on Fortigate and FortiEMS rule creation

@chriseddisford1834 Год назад

@@buraksahin7297 it’s very much on the list. I’m having to take a very short break for this week because I have a couple of nse7 exams I need to take before the changes in October. I do have a ztna video - ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-j--ScI16zGM.html but I plan on doing another because it’s highly requested.

@tori838 10 месяцев назад

Thank you so much for the video.. Can you please make a videos on FAC as well? How to integrate tacacs, saml,? How cert worke like this kind of videos?

@FortiBytes 10 месяцев назад

Thank you for reaching out! Yes sure I need to get myself a new FAC license but then I will add it to the list I recommend the Azure AD FSSO video also FAC is an amazing product.

@tori838 10 месяцев назад

@@FortiBytesi appreciate all your contents.. Keep it up..

@FortiBytes 10 месяцев назад

Your welcome

@OliverJamesRickers Год назад

Subscribed mate 😀

@FortiBytes Год назад

Thanks Oliver!

@anonyoutube4619 Год назад

Great video. Just so I have everything clear. I watched the whole series. You need FAC to build this Azure AD integration right? I sometimes struggle to explain why people need a FAC. Because the fgt supports SSO right? Is it because with FSSO the authentication part happens automatically and with SSO it needs a trigger? I believe you can also import groups with only SSO right (without FAC)? Thanks again mate. Its been a while since a new video. Anything in the works?

@FortiBytes Год назад

Hey mate, at the moment for the Azure AD integration it appears you need FortiAuthenticator hopefully that changes in the future. As we all know that for Native AD integration you can just poll directly from the FortiGate. New video has just dropped today I have been on holiday and had to rush another NSE7 for partnership status. Now that both are out of the way there should be a couple of videos a week moving forward. I think the next ones will have something to do with ADVPN including public cloud deployments and FortiManager as the amount of videos around getting the best out of manager including using variables and templates is seriously lacking! Thanks for reaching out let me know if there is anything specific you’d like to see!

@80211WiGuy 10 месяцев назад

Do you run into issues where there are too many AD groups for the firewalls to import, like in the hundreds-thousands that dont really apply to your firewall policies?

@FortiBytes 10 месяцев назад

Hi Greg you’re able to filter what groups you’re interested in. But it’s a good question if a company has that many groups then I’d suggest that FortiAuthenticator would be the better product for the job.

@80211WiGuy 10 месяцев назад

Thank you for responding so quickly @@FortiBytes ! We have a FAC but I've been having a lot of difficulty with trying to filter out all the domain groups we're not interested in.

@80211WiGuy 10 месяцев назад

Thanks @@FortiBytes, I'm trying to filter based on an expression. Ex: Any groups that start with "fw-" instead of selecting each new group as they get created. I dont want irrelevant groups like "KB-user" getting downloaded to the fortigates unnecessarily. The pie charts on user dashboards for group memberships look extremely cluttered with all the fw policy irrelevant groups.

@FortiBytes 10 месяцев назад

I’m not sure if that’s possible I’ll take a look and come back to you if I find anything!