Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
fl0at0xff
New Contributor

Created on ‎11-01-2016 10:10 AM

What is the best choice for FSSO

Hello,

Which is the best way to use FSSO when I just have one Windows DC ? I saw that it is possible to configure the fortigate only to "query" the AD and nothing has to be installed on the AD. It is a good choice to just install the collector directly on the AD if I just have one AD ? Is the collector useful when there is just one AD ? 

 

Thank you in advance for your responses

Labels:
28104
0 Kudos
11 REPLIES 11
sotir1984
New Contributor
In response to xsilver_FTNT

Created on ‎12-18-2018 04:38 AM

Hi,

 

Is there a limit on how many DC's can you poll directly from FortiGate?

 

-Sotir-

-1984-

685
0 Kudos
xsilver_FTNT
Staff
Staff
In response to sotir1984

Created on ‎12-18-2018 05:04 AM

Well .. there are limits governed by max. values table .. but in fact I would not poll from FGT at all, or for very, very small domain environment. Let's say one DC.

Use standalone Collector Agent on DC or any domain member to do WinSec+WMI polling, or DCAgent, or mix of polling and DCAgent. That's much better and more scale-able solution. And Collector is distributed free of charge alongside with FortiOS on support portal.

Tomas Stribrny - NASDAQ:FTNT - Fortinet stuff - TAC L3 Escalations engineer

685
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.