Introduction, About authentication – Fortinet FortiGate v3.0 MR7 User Manual
Page 5
Introduction
About authentication
FortiOS v3.0 MR7 User Authentication User Guide
01-30007-0347-20080828
5
Introduction
This section introduces you to the authentication process from the user and the
administrators perspective, and provides supplementary information about
Fortinet publications.
The following topics are covered in this section:
•
•
•
FortiGate administrator’s view of authentication
•
•
•
•
Customer service and technical support
About authentication
Computer networks have, for the most part, improved worker efficiency and
helped a company’s bottom line. Along with these benefits, the need has arisen
for workers to be able to remotely access their corporate network, with
appropriate security measures in place. In general terms, authentication is the
process of attempting to verify the (digital) identity of the sender of a
communication such as a log in request. The sender may be someone using a
computer, the computer itself, or a computer program. A computer system should
only be used by those who are authorized to do so, therefore there must be a
measure in place to detect and exclude any unauthorized access.
On a FortiGate unit, you can control access to network resources by defining lists
of authorized users, called user groups. To use a particular resource, such as a
network or a VPN tunnel, the user must:
•
belong to one of the user groups that is allowed access
•
correctly enter a user name and password to prove his or her identity, if asked
to do so
This process is called authentication.
You can configure authentication for:
•
any firewall policy with Action set to ACCEPT
•
SSL VPNs
•
PPTP and L2TP VPNs
•
a dialup IPSec VPN set up as an XAUTH server (Phase 1)
•
a dialup IPSec VPN that accepts user group authentication as a peer ID
Note: This document does not describe certificate-based VPN authentication. For
information about this type of authentication, see the
and the