Identity Based Enforcement using FortiGate Products

Overview

IPS integration with the FortiGate firewall provides enhanced identity enabled enforcement with backend authentication and comprehensive compliance checks. This section describes the procedure to integrate IPS with FortiGate firewall using FortiAuthenticator, which acts as a syslog server. The FortiAuthenticator receives the syslog messages from IPS and then creates Fortinet Single Sign-on (FSSO) record which is then shared with FortiGate firewall. The firewall uses the FSSO information to either allow or block traffic based on the configured policy.