Hello, I need your consultation and help. I want to install FSSO AGENT on my AD server so that Fortigate can see users. There are several installation options for this program:
Could you explain the differences between them and which one is best? Also, if successful, how can I use web filtering to prevent users from accessing specific websites?
#FortiGate
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi @Liza1
For domain joined users its necessary to install FSSO_Setup_5.0.0289_x64.exe and DCAgent_Setup_5.0.0289_x64.exe ,it depends how many user do you have on your AD that will do passive authentication. You can install as well only FSSO_Setup_5.0.0289_x64.exe and you will use polling mode instead of DC Agent mode ,please check the below doc. it might helps.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configure-FSSO-in-DC-Agent-mode/ta-p/25299...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-FSSO-Agent-in-polling-mode/ta-p/228136
You can take a look at this article that goes in details. Installing only the FSSO collector (1st option) is enough for small setups. Installing the DC agent on every domain (2nd option) together with the Collector is a more efficient way but it will need a reboot on every DC after installing the DCAgent, here is shown the difference.
TS Agent is specific to Terminal servers deployment that have multiple/simultaneously logged in user in a single machine.
Thank you. But if I want to create a policy where an AD user, for example USER1, cannot access a specific website like Facebook. Is there a guide on how to create a firewall policy like this: Source: USER1 Dest All Web Filtering: Block_Facebook? I really need specific instructions on this.
Hi Liza,
Please check the video below,
https://video.fortinet.com/latest/cookbook-blocking-facebook-5-4
You will need to put on source AD user/Group and set that policy on the top.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1662 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.