0 introduction, 1 scope of document, 2 prerequisites – HID Fortinet and AAA Server User Manual

ActivIdentity 4TRESS AAA Web Tokens and SSL VPN Fortinet Secure Access | Integration Handbook
External Use | July 16, 2012 | © 2012 ActivIdentity
1.0 Introduction
FortiGate® appliances provide enterprise-class protection against network, content, and application-level threats
for any deployment, from small offices to large enterprises, service providers, and carriers. Providing secure
access via a VPN over existing Internet connections requires strong, two-factor authentication to protect
resources. The ActivIdentity solutions that work with FortiGate appliances incorporate SSL VPN solutions with
versatile, strong authentication that is flexible, scalable, and simple to manage. ActivIdentity offers two solutions:
• ActivIdentity® 4TRESS AAA Server for Remote Access—Addresses the security risks associated
  with a mobile workforce remotely accessing systems and data.
• ActivIdentity 4TRESS Authentication Server (AS)—Offers support for multiple authentication methods
  that are useful for diverse audiences across a variety of service channels (SAML, RADIUS, etc.),
  including user name and password, mobile and PC soft tokens, one-time passwords, and transparent
  Web soft tokens.
1.1 Scope of Document
This document explains how to set up ActivIdentity 4TRESS AAA Web token authentication with FortiGate
solutions. Use this handbook to enable authentication via a Web soft token for use with an SSL-protected
FortiGate VPN.
1.2 Prerequisites
• The ActivIdentity 4TRESS AAA Server is up-to-date (v6.7) with LDAP users and groups already
  configured.
• FortiGate version greater than 4.0,build 0513,120130 (MR3 Patch 5) installed and configured.
• The Web soft token is configured to work with a PIN.
• Users have static LDAP passwords for access to the Self Help Desk to enroll web tokens.
• The FortiGate login page has been customized (illustrated in this handbook).
• The 4TRESS AAA Self Help Desk portal must be published on the Internet. It is not possible to host
  the ActivIdentity applet in the Fortinet appliance. The Self Help Desk is used to host and publish the
  applet.