In this recipe, you use agent based fortinet single signon fsso to allow users to login to the network once with their windows ad credentials and seamlessly access all appropriate network resources. Under ssoidentity select fortinet single signon agent. Fortinet sso fsso sends information about windows user log ons to fortigate units. Installing the fsso agent fortinet documentation library. In order to install fsso agentbased authentication, the software should be downloaded from the fortinet service and support web portal. Download forticlient next generation endpoint protection. Fortios can provide single signon capabilities to windows ad, citrix, vmware horizon, novell edirectory, or, as of fortios 5. Here we are downloading and installing both the dc agent and fsso collector. The agent software sends information about user logons to the fortigate unit. This article explains how to download fsso agent software. Compliance enforcement with dynamic access control.
Then you follow these two installation procedures on the server that will run the collector agent. Downloading fsso agent software fortinet knowledge base. The fortiauthenticator unit identifies users based on their authentication from a different system, and can be. Agentbased fsso for windows ad fortinet documentation library. Can i use fsso without a dedicated server for collector agent. In this recipe, you use agentbased fortinet single signon fsso to allow users to login to the network once with their windows ad credentials and seamlessly. Each firmware version is released together with a corresponding agent version. To install fsso, you must obtain the fsso setup file from the fortinet support web site. Enter a name, set primary fsso agent either to the ip address of the fortiauthenticator unit or a name, and enter a password.
Connect to the windows ad server and download the fsso agent from fortinet support. Sandbox detection behaviour based zeroday detection web filtering url category based application firewall. To install the agent, open the installer file and use the installation wizard. This can be any server or domain controller that is part of your network.