Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
VinayHM
Staff
Staff

Created on ‎08-06-2025 10:27 AM Edited on ‎08-07-2025 01:59 AM By Moderator

Article Id 404656

Technical Tip: Differences between the blue and orange icons for the people icon in logs

Description This article explains the differences between the blue and orange icons in the forward logs.
Scope FortiGate.
Solution

There are two icons displayed in the forward traffic or the FortiView session.

 

difff.png

  • Blue Icon: Represents user sessions authenticated via centralized authentication methods like FSSO (Fortinet Single Sign-On), LDAP, RADIUS, etc. These sessions are tied to users authenticated through external identity providers.

  • Orange Icon: Indicates device detection-based sessions, where Fortinet identifies users or devices directly through device detection mechanisms rather than centralized authentication. This could include devices detected via network traffic or device fingerprinting.
414
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.