Pros and cons of Fortinet Single Sign On implementation?

Forum|Forum|8 years ago
May 14, 2018
1 reply
5187 views

Hi everyone!

I'm deciding whether or not to implement FSSO to our existing environment but aren't quite sure why we would do that? What are the pro's and cons and also what does it add to an environment?

Thanks in advance

Lennert

emnoc

New Member

Pro works great

Con, does not satisfy any non MS-domain device. I don't know how you can monitor multiple Domains and multiple FSSO agent in a multi-domain environment

Ken Felix

Fishbone_FTNT

Staff

Hi,

multi-domain is more complex to install and configure properly, but it is supported too.

It depends if it's a domain forest or distinct domains with trusts only.

I can't be really comprehensive here (it would be very long writing), so if you have any concerns regarding multi-domain FSSO, let me know your domain setup and I will try to respond with some notes.

Non-domain devices+domain users can be authenticated by other means (portal, other device) and imported into FSSO ie with Radius Accounting (which can be processed on FSSO CA).

If you have more complex non-domain environment, you can consider to use FAC with number of techniques of logging in user and push it via FSSO into Fortigate. FAC is very strong at this (I wouldn't use it for FSSO itself, though -- requires licensing + my personal preference is standalone FSSO CA).

Regards,

Fishbone)(

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded