Description
This article describes optimal ways to strengthen security and improve operational efficiency with FortiGate admin profiles, enabling customized access control and privileges for different administrators.
Scope
FortiGate running v7.2.5 or above.
Solution
FortiGate's admin profiles offer a robust method for managing administrative access to the FortiGate device, granting the flexibility to customize privileges for different administrators. Follow these steps to optimize the configuration of admin profiles for improved security and efficient management:
If 'Custom' is chosen, granular control can be gained.
Note: To provide clearer explanations, each section under 'Custom' is enabled individually while keeping all other sections disabled in all the access control features.
Policy:
Address:
Service:
Schedule:
Others:
Configuration:
Data Access:
Report Access:
Threat Weight:
Configuration:
Packet Capture:
Router:
Administrator Users:
FortiGuard Updates:
Configuration:
Maintenance:
Only Dashboard Status would be visible. The rest of the things under Dashboard will not be displayed.
Configure Administrative Services: Under the 'Administrative Services' section, enable or disable specific administrative services based on security policies. For example, restrict SSH access to trusted IPs only.
Assign Administrators to the Profile: Go to 'System -> Administrators' and select an existing administrator or create a new one. In the administrator's settings, associate the admin profile that was created with the respective administrator.
Save and Validate the Configuration: After configuring the admin profile and associating it with administrators, thoroughly review the settings to ensure they align with the organization's security and operational requirements. Then, select the 'OK' or 'Apply' button to save the changes.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.