What’s New in FortiPAM 1.8: Advancing Privileged Access Management

Fortinet continues to strengthen its Privileged Access Management portfolio with the release of FortiPAM 1.8.0. This version introduces meaningful enhancements across usability, security, automation, logging, and scalability, helping organizations better protect and manage privileged credentials and sessions.

This blog highlights the most impactful new features and improvements in FortiPAM 1.8 and explains how they benefit security and operations teams.

Improved Privileged Session Launch and Diagnostics

FortiPAM 1.8 enhances the remote access experience, particularly for RDP-based workflows.

Administrators and users can now define custom screen resolutions when launching Web RDP sessions, enabling better usability across different devices and use cases. In addition, built-in RDP diagnostic messages provide clearer feedback when session launches fail, helping users quickly identify issues such as connectivity problems, authentication failures, or configuration mismatches.

These improvements reduce troubleshooting time and improve the overall end-user experience.

Enhanced Secret and Folder Management

Secret management workflows have been refined to provide better visibility and consistency.

Folder editing has been improved to clearly display inherited policies and align folder selection behavior with secret editing. The secret edit interface itself now includes dedicated audit views for DLP and antivirus logs, a Requests and Jobs tab for tracking related actions, and a more streamlined configuration layout based on secret type.

FortiPAM 1.8 also introduces password expiration notifications for secrets. Administrators can configure alerts and email notifications to ensure credentials are rotated on time, supporting compliance and reducing operational risk.

Support has also been expanded for additional credential types, including Siemens TIA Portal Cloud, along with a new FortiOS 7.6.3 and later SSH password changer.

Stronger Identity and Access Controls

FortiPAM 1.8 introduces several enhancements for identity management and access governance.

JWT user identification now supports regular expression matching, allowing more flexible extraction of user attributes. Administrators can also define limits on how many secrets a user can launch concurrently, improving session control and resource management.

SAML integrations have been enhanced with support for email and display name attributes for auto-provisioned users. FortiPAM can now cache the selected SSO provider for returning users, reducing login friction. An additional security option allows administrators to require both SAML assertions and responses to be signed.

Logging, Monitoring, and Notifications

Logging and audit capabilities are significantly improved in FortiPAM 1.8.

System and secret logs can now be forwarded to an external Syslog server, such as FortiSIEM, enabling centralized monitoring and correlation. Secret session logs have been enhanced to capture clearer session start and stop events, with configurable retention for session closure records.

Email notifications now support FQDN-based proxy configuration, improving flexibility in enterprise mail routing. FortiPAM also introduces improved invitee management, including the ability to revoke invitations directly from the user interface.

Licensing, User Lifecycle, and Platform Controls

FortiPAM 1.8 introduces a new concurrent login license model for virtual machine deployments. This allows organizations to license based on active sessions rather than total users, which is especially beneficial for environments with large numbers of occasional users.

Auto-provisioned remote users can now be automatically disabled after a defined period of inactivity, helping reclaim licenses and maintain a cleaner user directory. Administrators can also restrict which user roles are allowed to access specific FortiPAM interfaces, strengthening access control at the platform level.

Hardware and Platform Updates

This release adds support for new FortiPAM hardware models, including the 1100G and 3100G appliances, designed to meet the performance and scalability needs of large enterprises.

FortiPAM 1.8 also consolidates FortiSRA functionality into the FortiPAM platform, simplifying privileged access architectures and providing an additional user license seat for existing FortiSRA customers.

Conclusion

FortiPAM 1.8 represents a major step forward in privileged access management. With improved session diagnostics, stronger automation, enhanced logging, more flexible licensing, and deeper identity integrations, this release helps organizations reduce risk while improving operational efficiency.

For organizations already using FortiPAM, upgrading to version 1.8 delivers immediate value. For those evaluating PAM solutions, FortiPAM 1.8 offers a comprehensive, enterprise-ready approach to securing privileged access.