Fortinet black logo

Administration Guide

Home FortiPortal 7.0.3 Administration Guide
7.0.3
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.0.14
6.0.13
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.3.8
5.3.7
5.3.6
5.3.5
5.3.4
5.3.3
5.3.2
5.3.0
5.2.0
4.1.0
4.0.3
4.0.2
4.0.1
4.0.0

FortiPortal concepts

FortiPortal concepts

Sites

  • An organization can have multiple sites.
  • A site is a logical grouping of devices (independent of which FortiManager manages the device).
  • Devices are FortiGate, FortiSwitch, or FortiAP devices.

Remote authentication

You can choose remote authentication of admin and organization users. Remote authentication provides a choice of FortiAuthenticator, RADIUS, or single sign-on (SSO). The remote authentication method may be overridden at the organization level.

If you set the authentication mode to remote, all user management functions reside with the remote system. FortiPortal user management capabilities (add/modify/delete users, reset password, change password) are blocked, as these apply only to local users.

For additional information regarding FortiAuthenticator, refer to the FortiAuthenticator product documentation.

Trusted and blocked hosts

If you are using local user authentication, you can use the trusted and blocked hosts capability as an added level of security.

Enable the blocked hosts feature to enforce a configurable blocklist for all admin and users.

Enable trusted hosts in organization settings and create an allowlist of trusted hosts for each organization user.

For an organization with trusted hosts enabled, the system also enforces the global blocklist for the users.

Previous
Next

FortiPortal concepts

Sites

  • An organization can have multiple sites.
  • A site is a logical grouping of devices (independent of which FortiManager manages the device).
  • Devices are FortiGate, FortiSwitch, or FortiAP devices.

Remote authentication

You can choose remote authentication of admin and organization users. Remote authentication provides a choice of FortiAuthenticator, RADIUS, or single sign-on (SSO). The remote authentication method may be overridden at the organization level.

If you set the authentication mode to remote, all user management functions reside with the remote system. FortiPortal user management capabilities (add/modify/delete users, reset password, change password) are blocked, as these apply only to local users.

For additional information regarding FortiAuthenticator, refer to the FortiAuthenticator product documentation.

Trusted and blocked hosts

If you are using local user authentication, you can use the trusted and blocked hosts capability as an added level of security.

Enable the blocked hosts feature to enforce a configurable blocklist for all admin and users.

Enable trusted hosts in organization settings and create an allowlist of trusted hosts for each organization user.

For an organization with trusted hosts enabled, the system also enforces the global blocklist for the users.

Previous
Next