Fortinet black logo

Administration Guide

Other security considerations

Other security considerations

Other security consideration for restricting access to the FortiManager GUI include the following:

  • Configure administrator accounts using a complex passphrase for local accounts
  • Configure administrator accounts using RADIUS, LDAP, TACACS+, or PKI
  • Configure the administrator profile to only allow read/write permission as required and restrict access using read-only or no permission to settings which are not applicable to that administrator
  • Configure the administrator account to only allow access to specific ADOMs as required
  • Configure the administrator account to only allow access to specific policy packages as required.

When setting up FortiManager for the first time or after a factory reset, the password cannot be left blank. You are required to set a password when the admin user tries to log in to FortiManager from GUI or CLI for the first time. This is applicable to a hardware device as well as a VM. This is to ensure that administrators do not forget to set a password when setting up FortiManager for the first time.

After the initial setup, you can set a blank password from System Settings > Administrators.

Other security considerations

Other security consideration for restricting access to the FortiManager GUI include the following:

  • Configure administrator accounts using a complex passphrase for local accounts
  • Configure administrator accounts using RADIUS, LDAP, TACACS+, or PKI
  • Configure the administrator profile to only allow read/write permission as required and restrict access using read-only or no permission to settings which are not applicable to that administrator
  • Configure the administrator account to only allow access to specific ADOMs as required
  • Configure the administrator account to only allow access to specific policy packages as required.

When setting up FortiManager for the first time or after a factory reset, the password cannot be left blank. You are required to set a password when the admin user tries to log in to FortiManager from GUI or CLI for the first time. This is applicable to a hardware device as well as a VM. This is to ensure that administrators do not forget to set a password when setting up FortiManager for the first time.

After the initial setup, you can set a blank password from System Settings > Administrators.