Hi everyone, I had a question about this scenery:
I obtain User's Logon/Logout with FSSO, my users of AD are on groups who are related one-to-one to Fortigate users groups.
So, I create a policy for every user groups, with their respective Security Policy for Application Control and Web Filter.
The problem became with users that had assigned two or more AD groups, because the order of Policies allow or deny(or reset for browser-based) applications and block URLs.
Theres any way to allow or deny not for precedence of the rules, but by another way?
One solution that I find, its to create a organizational hierarchy order of policies for groups (directors, aux, adm, etc).
Regards,
Kind Regards,
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi. I have the same situation. Are you find a solution?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.