Description

This article describes how to gain a better understanding of FortiEDR console session timeout Behavior.

Scope

Session timeout behavior can vary depending on the type of page or tab a user accesses within the FortiEDR Console. This variability explains why users sometimes remain logged in for extended periods and, at other times, are required to re-authenticate.

Solution

• Dashboard and Organization Pages:
  These pages are designed to remain logged in indefinitely without a session timeout. This ensures uninterrupted access to key operational data.

• Other Pages and Tabs:
  All other areas within the console, such as tools and configuration pages, are subject to a configurable idle session timeout. Once the timeout period elapses, users are prompted to log in again.

Configuration Options:

• The Session Timeout settings can be adjusted in the Administration -> Tools section under the 'Hoster' view.
• The timeout duration determines how long (in minutes) a session can remain idle before expiration.
• Default Setting: 15 minutes.
• Adjustable Range: 1 to 1440 minutes (1 day).

By fine-tuning these settings, organizations can balance security needs with user convenience, ensuring that critical data is protected while minimizing disruptions to workflows.

Important note:

This configuration can only be modified from the Hoster View and will apply uniformly across shared environments. This ensures consistency in session management across all users sharing the environment.

For more details, refer to the FortiEDR administration guide:

Tools - Administration guide.