Fortinet black logo

Administration Guide

Home FortiSASE Administration Guide

Getting started

Copy Link
Copy Doc ID 4ed231bf-e303-11ee-8c42-fa163e15d75b:37238
Download PDF

Getting started

FortiSASE is a software-as-a-cloud-delivered service that allows clients to securely access the internet with the protection from FortiOS. With FortiSASE, you can ensure to protect remote off-net endpoints and users with the same security policies as when they are on-net, no matter their location. The service is available through a subscription based on the number of users.

FortiSASE works with various FortiCloud services in the background to deliver a seamless service for securing your internet access.

In terms of security, FortiSASE offers the following features to protect clients:

  • Antivirus
  • Web Filter
  • Intrusion prevention
  • File filter
  • Data loss prevention
  • Application control
  • SSL inspection

Use the following resources to get started with FortiSASE:

Task

Documentation links

Review FortiSASE requirements

See Requirements.

Review FortiSASE licensing

See Licensing.

Get started with initializing FortiSASE

See Initializing FortiSASE.

Get started with securing FortiSASE remote users

See:

Learn about new FortiSASE features

See What's new.

Learn about best practices for deploying a FortiSASE architecture

Go to Best Practices | 4-D resources. Review the document categories.

Review information about FortiSASE releases, including resolved and known issues

See FortiSASE Release Notes.

Requirements

The following items are required before you can initialize FortiSASE:

Requirement

Description

FortiCloud account

Create a FortiCloud account if you do not have one. Launching FortiSASE requires a primary FortiCloud account. A primary FortiCloud account can invite other users to launch FortiSASE as secondary users.

Internet access

You must have internet access to create a FortiSASE instance.

Browser

Device with a browser to access FortiSASE.

You can only create one FortiSASE instance per FortiCloud account.

Licensing

The FortiSASE portal enforces license requirements when you log in. FortiSASE requires the FortiSASE subscription based on the number of remote users. Some FortiSASE features, such as assisted onboarding, require the Advanced or Comprehensive license. See the SASE and Zero Trust Ordering Guide for licensing details.

Initializing FortiSASE

To initialize FortiSASE:
  1. Log in to the FortiSASE portal with your FortiCloud account.
  2. Select the desired geographical locations for your security sites and log storage.
    Note

    You can select fewer security sites than the maximum you are entitled to. In this case, upon each login, the FortiSASE portal prompts you to select up to the maximum number of security sites.

    Do one of the following:

    • Select up to the maximum number of entitled security sites and click Apply Now.

    • Simply click Apply Later to acknowledge this prompt. It appears upon the next login.

  3. Click Start Now for FortiSASE to provision your environment. This initialization may take up to ten minutes.
  4. The FortiSASE dashboard displays enabled security features and endpoint management information. This example creates a local user:
    1. Go to Configuration > Users & Groups.
    2. Click Create.
    3. Select User, then click Next.
    4. In the Email field, enter the desired email. FortiSASE sends instructions and an invitation code to this email address. The user uses this code to connect FortiClient to FortiSASE.
    5. If desired, enable and configure Temporary administrative password. Users change their password during the activation process. You may want to configure a password if you anticipate that you need administrative access to this VPN user before the activation process.
    6. Click OK.

You should only create local users for simple deployments. To configure FortiSASE for remote user authentication, see Authentication Sources and Access.

Previous
Next

Getting started

FortiSASE is a software-as-a-cloud-delivered service that allows clients to securely access the internet with the protection from FortiOS. With FortiSASE, you can ensure to protect remote off-net endpoints and users with the same security policies as when they are on-net, no matter their location. The service is available through a subscription based on the number of users.

FortiSASE works with various FortiCloud services in the background to deliver a seamless service for securing your internet access.

In terms of security, FortiSASE offers the following features to protect clients:

  • Antivirus
  • Web Filter
  • Intrusion prevention
  • File filter
  • Data loss prevention
  • Application control
  • SSL inspection

Use the following resources to get started with FortiSASE:

Task

Documentation links

Review FortiSASE requirements

See Requirements.

Review FortiSASE licensing

See Licensing.

Get started with initializing FortiSASE

See Initializing FortiSASE.

Get started with securing FortiSASE remote users

See:

Learn about new FortiSASE features

See What's new.

Learn about best practices for deploying a FortiSASE architecture

Go to Best Practices | 4-D resources. Review the document categories.

Review information about FortiSASE releases, including resolved and known issues

See FortiSASE Release Notes.

Requirements

The following items are required before you can initialize FortiSASE:

Requirement

Description

FortiCloud account

Create a FortiCloud account if you do not have one. Launching FortiSASE requires a primary FortiCloud account. A primary FortiCloud account can invite other users to launch FortiSASE as secondary users.

Internet access

You must have internet access to create a FortiSASE instance.

Browser

Device with a browser to access FortiSASE.

You can only create one FortiSASE instance per FortiCloud account.

Licensing

The FortiSASE portal enforces license requirements when you log in. FortiSASE requires the FortiSASE subscription based on the number of remote users. Some FortiSASE features, such as assisted onboarding, require the Advanced or Comprehensive license. See the SASE and Zero Trust Ordering Guide for licensing details.

Initializing FortiSASE

To initialize FortiSASE:
  1. Log in to the FortiSASE portal with your FortiCloud account.
  2. Select the desired geographical locations for your security sites and log storage.
    Note

    You can select fewer security sites than the maximum you are entitled to. In this case, upon each login, the FortiSASE portal prompts you to select up to the maximum number of security sites.

    Do one of the following:

    • Select up to the maximum number of entitled security sites and click Apply Now.

    • Simply click Apply Later to acknowledge this prompt. It appears upon the next login.

  3. Click Start Now for FortiSASE to provision your environment. This initialization may take up to ten minutes.
  4. The FortiSASE dashboard displays enabled security features and endpoint management information. This example creates a local user:
    1. Go to Configuration > Users & Groups.
    2. Click Create.
    3. Select User, then click Next.
    4. In the Email field, enter the desired email. FortiSASE sends instructions and an invitation code to this email address. The user uses this code to connect FortiClient to FortiSASE.
    5. If desired, enable and configure Temporary administrative password. Users change their password during the activation process. You may want to configure a password if you anticipate that you need administrative access to this VPN user before the activation process.
    6. Click OK.

You should only create local users for simple deployments. To configure FortiSASE for remote user authentication, see Authentication Sources and Access.

Previous
Next