FortiAP

The most common form of access at the LAN edge for users these days is WiFi. Wireless access points can be added to any network to provide WiFi access to employees and guests alike. The challenges of adding wireless to a deployment go far beyond the physical installation of the hardware.

Network IT demands more capability and reliable security from fewer components to save on cost and simplify the environment. Fortinet’s wireless LAN equipment leverages Security-Driven Networking to provide secure wireless access for the enterprise LAN edge. Perfect for deployments from the campus to the SD-Branch, FortiAPs are Fortinet Security Fabric enabled, providing the broad visibility, automated protection, and integrated threat intelligence required to protect organizations’ valuable assets and data worldwide. And that includes REST API support for most of the features used.

LAN edge equipment from Fortinet converges networking and security into a secure, simple-to-manage architecture with a single focal point for management and configuration. By leveraging Security-Driven Networking, Fortinet allows you to secure the LAN edge without the need for costly and complex licensing schemes while benefiting from all the current cutting-edge WiFi enhancements, depending on the models. From the same dashboard used to manage the Next-Generation Firewall and Policies, you also have complete visibility over the wireless client details:

• Username
• Since when it is connected
• Type of encryption used
• Which SSID and VLAN it is connected to
• With which device (name, MAC address, IP address) using which operating system type
• On which Fortinet wireless access point (which is also displayed on the WiFi Maps)
• At what quality (signal strength, data rate, WiFi band, TX/RX bandwidth, spatial streams)

Configuring and managing access points from the same known dashboard as the security parameters also allows immediate visibility and troubleshooting advantages. One can very quickly understand:

• Which access points are online or down
• The last join time and failure reason
• How many wireless clients are connected to each AP
• The WiFi channels used, the TX power, and at what utilization percentage of the channel they operate
• The SSIDs being advertised and in which mode (tunneled, bridged, mesh)
• If the regulatory requirements are being met
• Which wireless IDS profiles are being used

All of that allows for the easy operation of a live and evolving secure wired and wireless network for administrators and a trusted infrastructure for users to perform their daily job without worrying about the underlying connectivity.

The key features of FortiAPs are:

• Advanced security protection: Wireless LAN security done right, from the leader in network security. Integrated Firewall, IPS, Application Control, and Web Filtering protect the wireless LAN from the latest security threats, with SSIDs that can natively be scheduled for availability.
• Integrated WIDS and rogue AP suppression: Protects the network from advanced wireless threats and satisfies PCI DSS compliance with the integrated Wireless Intrusion Detection System to report and suppress phishing SSIDs.
• Deep application control: Fortinet goes above Wireless Multimedia Extensions (WME) by offering deep Layer 7 inspection to precisely control applications and bandwidth usage.
• Dynamic Automatic Radio Resource Provisioning (DARRP) and RX-SOP: Advanced wireless techniques for optimized throughput to eliminate sticky clients and maximize channel efficiency in all wireless environments are applied at the AP and managed from the FortiGate and FortiManager interfaces.
• Multiple PSK, voice enterprise certifications, and agile multi-band operations: To ensure that Internet-of-Things devices, regular clients, and all smart devices reach maximum capacity in the most secure way available to them with user and traffic segmentation.

See also Important terms for FortiAP.