Getting started
FortiSASE is a software-as-a-cloud-delivered service that allows clients to securely access the internet with the protection from FortiOS. With FortiSASE, you can ensure to protect remote off-net endpoints and users with the same security policies as when they are on-net, no matter their location. The service is available through a subscription based on the number of users.
FortiSASE works with various FortiCloud services in the background to deliver a seamless service for securing your internet access.
In terms of security, FortiSASE offers the following features to protect clients:
- Antivirus
- Web Filter
- Intrusion prevention
- File filter
- Data loss prevention
- Application control
- SSL inspection
Use the following resources to get started with FortiSASE:
Task |
Documentation links |
---|---|
Review FortiSASE requirements |
See Requirements. |
Review FortiSASE licensing |
See Licensing. |
Get started with initializing FortiSASE |
|
Get started with securing FortiSASE remote users |
See: |
Learn about new FortiSASE features |
See What's new. |
Learn about best practices for deploying a FortiSASE architecture |
Go to Best Practices | 4-D resources. Review the document categories. |
Review information about FortiSASE releases, including resolved and known issues |
Requirements
The following items are required before you can initialize FortiSASE:
Requirement |
Description |
---|---|
FortiCloud account |
Create a FortiCloud account if you do not have one. Launching FortiSASE requires a primary FortiCloud account. A primary FortiCloud account can invite other users to launch FortiSASE as secondary users. |
Internet access |
You must have internet access to create a FortiSASE instance. |
Browser |
Device with a browser to access FortiSASE. |
You can only create one FortiSASE instance per FortiCloud account.
Licensing
The FortiSASE portal enforces license requirements when you log in. FortiSASE requires the FortiSASE subscription based on the number of remote users. Some FortiSASE features, such as assisted onboarding, require the Advanced or Comprehensive license. See the SASE and Zero Trust Ordering Guide for licensing details.
Initializing FortiSASE
To initialize FortiSASE:
- Log in to the FortiSASE portal with your FortiCloud account.
- Select the desired geographical locations for your security sites and log storage.
You can select fewer security sites than the maximum you are entitled to. In this case, upon each login, the FortiSASE portal prompts you to select up to the maximum number of security sites.
Do one of the following:
Select up to the maximum number of entitled security sites and click Apply Now.
Simply click Apply Later to acknowledge this prompt. It appears upon the next login.
- Click Start Now for FortiSASE to provision your environment. This initialization may take up to ten minutes.
- The FortiSASE dashboard displays enabled security features and endpoint management information. This example creates a local user:
- Go to Configuration > Users & Groups.
- Click Create.
- Select User, then click Next.
- In the Email field, enter the desired email. FortiSASE sends instructions and an invitation code to this email address. The user uses this code to connect FortiClient to FortiSASE.
- If desired, enable and configure Temporary administrative password. Users change their password during the activation process. You may want to configure a password if you anticipate that you need administrative access to this VPN user before the activation process.
- Click OK.
You should only create local users for simple deployments. To configure FortiSASE for remote user authentication, see Authentication Sources and Access.