Skip to main content
telecosistem
telecosistem
New Member
October 28, 2016
Question

FSSO Agentless mode

  • October 28, 2016
  • 2 replies
  • 11275 views

Hello,

I have a question regarding to agentless polling mode. I know that in Polling mode the collector agent is installed on Windows Sever. However in Agentless polling mode the Fortigate could directly polls the AD domain controller?

 

Best regards,

    2 replies

    xsilver_FTNT
    Staff
    xsilver_FTNT
    Staff
    October 31, 2016

    Hello,

    yes, as you might found from documentation, FortiGate can poll AD directly.

    However I would consider this as entry level of FSSO as it does WinSec polling only without any NTLM fallback possibility or workstation check. Capabilities of this Collector built-into FortiOS are limited.

    Good for small/single domain with few users or test environment.

    I would not recommend it for bigger domains/multi-domain environment or for more ADs and users than a hand full.

    Best regards,

    Tomas

    burim
    burim
    New Member
    May 30, 2017

    xsilver wrote:

    Good for small/single domain with few users or test environment.

     

    Is this something based on your personal experience with fortigate sso or is it official from Fortinet as well? I am asking this because we are about to implement a big project that involves more then 20.000 users with two level child domains.

     

    Thank you.

    fl0at0xff
    fl0at0xff
    New Member
    November 1, 2016

    Hello,

    It is possible to configure fortigate unit to be connected with the AD without installing software on the AD

    MikePruett
    MikePruett
    New Member
    November 1, 2016

    fl0at0xff wrote:

    Hello,

    It is possible to configure fortigate unit to be connected with the AD without installing software on the AD

    Yes, the FortiGate can query the AD and poll it regularly for logons etc.

    Terms & ConditionsAccessibility statement