Is the captive portal safe? (it's HTTP by default)
I want to use FortiGate captive portal for my wifi users (Windows RADIUS authentication). I tested it out and it works perfectly. My only concern is that the captive portal itself is HTTP. Isn't that bad? Someone can potentially steal a user's AD account UN and PW. I can't make it HTTPS because it's a private IP. And I cannot enforce the BYOD users to install a self-signed certificate.
How many of you use the captive portal? What do about it being HTTP? or am I missing something here?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.