Hi,
FML Operation mode Server and Gateway
version 6.4.5
could someone enlighten me what would be the best practices in working with LDAP profile?
1. Under Recipient Policy I can apply LDAP profile in both directions (Inbound and Outbound).
In my own understanding, applying LDAP profile to my outbound policy making sure that only authenticated ldap users are allowed to send emails to external domains.
What would be the effect if I'm going to apply LDAP profile as well for Inbound?
2. under IP policy there's an option as well to apply LDAP profile. In terms if hierarchy which policy will take action if both IP and Recipient policy has LDAP profile?
appreciate if anyone could shed his/her thoughts regarding this.
Thanks
Fortigate Newbie
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hii,
Here are some guidelines to follow while dealing with the LDAP profile in FML Operation mode Server and Gateway:
1. When an LDAP profile is applied to the outbound policy, it guarantees that only LDAP users who have been granted authentication may send emails to external domains. Only authorized LDAP users can receive emails from external domains if the LDAP profile is also applied to the inbound policy. Limiting inbound emails to users who have been validated, adds another degree of protection.
2. The hierarchy determines which policy takes effect if both the IP policy and the Recipient policy have LDAP profiles applied. The IP policy usually prevails over the recipient policy. Therefore, regardless of the LDAP profile applied in the Recipient policy, if the IP policy has an LDAP profile applied, it will be implemented.
Hope my answer is relatable.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1548 | |
1032 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.