Fortinet Network Adapter FSAE manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

Go to page of

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of Fortinet Network Adapter FSAE, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Fortinet Network Adapter FSAE one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of Fortinet Network Adapter FSAE. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of Fortinet Network Adapter FSAE should contain:
- informations concerning technical data of Fortinet Network Adapter FSAE
- name of the manufacturer and a year of construction of the Fortinet Network Adapter FSAE item
- rules of operation, control and maintenance of the Fortinet Network Adapter FSAE item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Fortinet Network Adapter FSAE alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Fortinet Network Adapter FSAE, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Fortinet service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Fortinet Network Adapter FSAE.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the Fortinet Network Adapter FSAE item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    www.fortinet.com For tinet Ser v er Authentication Extension V e rsion 1 .5 TECHNICAL NOTE[...]

  • Page 2

    Fortinet Server Authentication Extension T echnical Note V er sio n 1. 5 01 October 2007 01-30005-03 73-20071001 © Copyright 2007 Fortine t, Inc. All rights reser v ed. No part of this publication inclu ding text, examples, diagrams or illustrations may be re produced, transmitted, or translate d in any form or by any means, electronic, mechanical[...]

  • Page 3

    Contents Fortinet Server Authentication Extension Version 1.5 T echnical Note 01-30005-0373-20071 001 3 Contents Using FSAE on your networ k................................................ ............ 5 FSAE overview ...................... ................... ................... .................... ................ ... 5 Installing FSAE on your n[...]

  • Page 4

    Fortinet Server Authentication Ex tension Version 1.5 T echnical Note 4 01-30005-0373-200710 01 Contents[...]

  • Page 5

    Using FSAE on your network FSAE overview Fortinet Server Authentication Exte nsion V ersion 1.5 T echn ical Note 01-30005-0373-2007100 1 5 Using FSAE on your network The Fortinet Server Authentication Extension (FSAE) provides seamless authentication of Microsof t Windows Ac tive Directory users on FortiG ate units. This chapter de scribes how to i[...]

  • Page 6

    Fortinet Server Authentication Ex tension Version 1.5 T echnical Note 6 01-30005-0373-200710 01 FSAE overview Using FSAE on your network Figure 1: FSAE with DC agent In Figure 1 , the Client User logs on to th e Windows domain, information is forwarded to the FSAE Collector agent by the FSAE agent on the domain controller , and if authentication is[...]

  • Page 7

    Using FSAE on your network Installing FSAE on your network Fortinet Server Authentication Extension Version 1.5 T echnical Note 01-30005-0373-20071 001 7 Inst alling FSAE on your network FSAE has two components that you must install on your network: • The domain controller (DC) agent, wh ich must be installed on every domain controller • The co[...]

  • Page 8

    Fortinet Server Authentication Ex tension Version 1.5 T echnical Note 8 01-30005-0373-200710 01 Configuring FSAE on Windows AD Using FSAE on your network 9 Select Next and then select Install. 10 When the FSAE InstallShield Wiza rd completes, ensure that Launch DC Agent Install Wizard is enabled an d se lec t Fin ish. The FSAE - Install DC Agent wi[...]

  • Page 9

    Using FSAE on your network Configuring FSAE on Windows AD Fortinet Server Authentication Extension Version 1.5 T echnical Note 01-30005-0373-20071 001 9 FSAE sends information about Windows user logons to FortiGate units. If there are many users on your Windows AD doma ins, the large amount of information might affect th e performance of the FortiG[...]

  • Page 10

    Fortinet Server Authentication Ex tension Version 1.5 T echnical Note 10 01-30005-0373-200710 01 Configuring FSAE on Windows AD Using FSAE on your network T o configure the FSAE collec tor agent 1 From the S tart menu select Programs > Fo rtinet > Fortinet Server Authentication Extension > Configure FSAE . 2 Enter the following information[...]

  • Page 11

    Using FSAE on your network Configuring FSAE on Windows AD Fortinet Server Authentication Extension Version 1.5 T echnical Note 01-30005-0373-20071 001 11 Configuring the Global Ignore List The Global Ignore List excludes users such as syste m accounts that do not authenticate to any FortiGate unit. The logons of these us ers are not repo rted to Fo[...]

  • Page 12

    Fortinet Server Authentication Ex tension Version 1.5 T echnical Note 12 01-30005-0373-200710 01 Configuring FSAE on Windows AD Using FSAE on your network T o view the FortiGate Filter List 1 From the S tart menu select Programs > Fo rtinet > Fortinet Server Authentication Extension > Configure FSAE . 2 Select FortiGate Group Filter . The [...]

  • Page 13

    Using FSAE on your network Configuring FSAE on Windows AD Fortinet Server Authentication Extension Version 1.5 T echnical Note 01-30005-0373-20071 001 13 4 Enter the following informat ion and then select OK. Configuring TCP ports Windows AD records when users log on but not when they log of f. For best performance, FSAE monitors when users log off[...]

  • Page 14

    Fortinet Server Authentication Ex tension Version 1.5 T echnical Note 14 01-30005-0373-200710 01 Configuring FSAE on FortiGate un its Using FSAE on your network Configuring FSAE on FortiGate unit s T o configure your FortiGate un it to operate with FSAE, you • specify the Windows AD servers that contains the FSAE collector agents • add Active D[...]

  • Page 15

    Using FSAE on your network Conf iguring FSAE on FortiGate units Fortinet Server Authentication Extension Version 1.5 T echnical Note 01-30005-0373-20071 001 15 Viewing information importe d from the Windows AD server Y ou can view the domain and group informat ion that the FortiGate unit re ceives from the AD Ser v er . Go to User > Windows AD .[...]

  • Page 16

    Fortinet Server Authentication Ex tension Version 1.5 T echnical Note 16 01-30005-0373-200710 01 Configuring FSAE on FortiGate un its Using FSAE on your network Figure 4: New User Gro up dialog box 3 In the Name box, enter a na me for the group, Developers, for example. 4 From the T ype list, select Active Directory . 5 From the Pr otection Profile[...]

  • Page 17

    Using FSAE on your network T e sting the configurati on Fortinet Server Authentication Extension Version 1.5 T echnical Note 01-30005-0373-20071 001 17 Allowing guests to access FSAE policies Optionally , you can allow guest u sers to ac cess FSAE firewall policies. Guests are users unknown to the Windows AD network and servers th at do not log on [...]

  • Page 18

    Fortinet Server Authentication Ex tension Version 1.5 T echnical Note 18 01-30005-0373-200710 01 NTLM authentication Using FSAE on your network 3 The client connects again, and issues a GET -request, with a Proxy-Authorization: NTLM <negotiate string> header . <negotiate-string> is a base64-encoded NTLM T ype 1 negotiation packet. 4 The[...]

  • Page 19

    www.fortinet.com[...]

  • Page 20

    www.fortinet.com[...]