Cybersecurity Forum


WillSudd
New Contributor

FortiManager admin account

Do we need to keep the local admin accounts on the FortiGates if we are using FortiManager?

------------------------------
Wil Sudds
------------------------------
WIL - Network Analyst
1 Solution
jimsokol
New Contributor III

My opinion is to keep at least one local admin account in case you need a way to log in locally when there is no connectivity to FortiManager (for whatever reason).

WillSudd

Thanks Jim,

I have created two additional accounts on the local FortiGates and wanted to know if it is okay to remove the default local account.

Thanks,
WIL - Network Analyst
jimsokol
New Contributor III

You didn't say whether you were reasonably current on your FortiManager firmware. Although there is still admin user configuration for the FMG device, I believe under the covers it now uses a different method (Fortimanager_Access/fgfm_tunnel) for performing things on a unit from its perspective. The only thing I know of that may use it is the "Connect to CLI via" functionality, but you should be able to change that when connecting if you use it. Perhaps others on this list know of other things. It might be best to test with one unit, if possible, to check for impact.
WillSudd

We manage an enterprise network with over 50 FortiGates, and some of the local accounts were removed months ago. I was just wondering if this account was needed for anything else. You are right, we use the CLI occasionally; also, we can connect to all FortiGates outside of FortiManager with the created local user accounts. I think it is safe to say they are not needed. The reason I am asking was that we are showing some SIEM logs from the local user account on some FortiGates that keeps trying to log in to itself at 127.0.0.1. If this account was removed from these devices the error would also go away.
WIL - Network Analyst