Call a Specialist Today! 020 3958 0662 Free Delivery! Free Delivery!

Fortinet FortiAuthenticator 800F
User Identity Management and Single Sign-On

Fortinet FortiAuthenticator 800F Appliance

Fortinet Products
FortiAuthenticator 800F Base Appliance
Fortinet FortiAuthenticator 800F Identity and Access Management
4x GE RJ45 ports, 2x GE SFP, 2x 2 TB HDD. Base License supports up to 8000 users. Expand user support to 18000 users by using FortiAuthenticator Hardware Upgrade License.
#FAC-800F
List Price: £20,880.32
Our Price: Request a Quote
FortiAuthenticator 800F FortiCare Premium Support
FortiAuthenticator-800F 1 Year FortiCare Premium Support
#FC-10-AC8HF-247-02-12
List Price: £4,176.07
Our Price: Request a Quote
FortiAuthenticator-800F 3 Year FortiCare Premium Support
#FC-10-AC8HF-247-02-36
List Price: £12,528.19
Our Price: Request a Quote
FortiAuthenticator-800F 5 Year FortiCare Premium Support
#FC-10-AC8HF-247-02-60
List Price: £20,880.32
Our Price: Request a Quote

Click here to jump to more pricing!

Overview:

FortiAuthenticatorTM user identity management appliances strengthen enterprise security by simplifying and centralizing the management and storage of user identity information.

Network and Internet access is key for almost every role within the enterprise; however, this requirement must be balanced with the risk that it brings. The key objective of every enterprise is to provide secure but controlled network access enabling the right person the right access at the right time, without compromising on security.

Fortinet Single Sign-On is the method of providing secure identity and rolebased access to the Fortinet connected network. Through integration with existing Active Directory or LDAP authentication systems, it enables enterprise user identity-based security without impeding the user or generating work for network administrators. FortiAuthenticator builds on the foundations of Fortinet Single Sign-on, adding a greater range of user identification methods and greater scalability. FortiAuthenticator is the gatekeeper of authorization into the Fortinet secured enterprise network identifying users, querying access permissions from third party systems, and communicating this information to FortiGate devices for use in Identity-Based Policies.

FortiAuthenticator delivers transparent identification via wide range of methods:

  • Polling an Active Directory Domain Controller
  • Integration with FortiAuthenticator Single Sign-On Mobility Agent which detects login, IP address changes, and logout
  • FSSO Portal-based authentication with tracking widgets to reduce the need for repeated authentications
  • Monitoring RADIUS Accounting Start records

Highlights:

Key Features and Benefits

FSSO Transparent User Identification Zero impact for enterprise users
Integration with LDAP and AD for group membership Utilizes existing systems for network authorization information, reducing deployment times and streamlining management processes. Integration with existing procedures for user management
Wide range of user identification methods Flexible user identification methods for integration with the most diverse of enterprise environments
Enablement of identity and role-based security Allows security administrator to give users access to the relevant network and application resources appropriate to their role, while retaining control and minimizing risk

FortiAuthenticator Single Sign-On User Identification Methods

FortiAuthenticator can identify users through a varied range of methods and integrate with third party LDAP or Active Directory systems to apply group or role data to the user and communicate with FortiGate for use in Identitybased policies. FortiAuthenticator is completely flexible and can utilize these methods in combination. For example, in a large enterprise, AD polling or FortiAuthenticator SSO Mobility Agent may be chosen as the primary method for transparent authentication with fallback to the portal for nondomain systems or guest users.

Active Directory Polling

User authentication into an active directory is detected by regularly polling domain controllers. When a user login is detected, the username, IP, and group details are entered into the FortiAuthenticator User Identity Management Database and according to the local policy, can be shared with multiple FortiGate devices.

FortiAuthenticator SSO Mobility Agent

For complicated distributed domain architectures where the polling of domain controllers is not feasible or desired, an alternative is the FortiAuthenticator SSO Client. Distributed as part of FortiClient or as a standalone installation for Windows PCs, the client communicates login, IP stack changes (Wired > Wireless, wireless network roaming), and logout events to the FortiAuthenticator, removing the need for polling methods.

FortiAuthenticator Portal and Widgets

For systems that do not support AD polling or where a client is not feasible, FortiAuthenticator provides an explicit authentication portal. This portal allows the users to manually authenticate to the FortiAuthenticator and subsequently into the network. To minimize the impact of repeated logins required for manual authentication, a set of widgets is provided for embedding into an organization’s intranet that automatically logs the users in with browser cookies whenever they access the intranet homepage.

RADIUS Accounting Login

In a network that utilizes RADIUS authentication (e.g. wireless or VPN authentication), RADIUS Accounting can be used as a user identification method. This information is used to trigger user login and to provide IP and group information, removing the need for a second tier of authentication.

Additional Functionality

Strong User Identity with Two-factor Authentication

FortiAuthenticator extends two-factor authentication capability to multiple FortiGate appliances and to third party solutions that support RADIUS or LDAP authentication. User identity information from FortiAuthenticator combined with authentication information from FortiToken ensures that only authorized individuals are granted access to your organization’s sensitive information. This additional layer of security greatly reduces the possibility of data leaks while helping companies meet audit requirements associated with government and business privacy regulations.

FortiAuthenticator supports the widest range of tokens possible to suit your user requirements. With the physical time-based FortiToken 200, FortiToken Mobile (for iOS and Android), e-mail and SMS tokens, FortiAuthenticator has token options for all users and scenarios. Two-factor authentication can be used to control access to applications such as FortiGate management, SSL and IPsec VPN, Wireless Captive Portal login and third party, RADIUS compliant networking equipment.

To streamline local user management, FortiAuthenticator includes user self-registration and password recovery features.

Enterprise Certificate-based VPNs

Site-to-site VPNs often provide access direct to the heart of the enterprise network from many remote locations. Often these VPNs are secured simply by a pre-shared key, which, if compromised, could give access to the whole network. FortiOS support certificatebased VPNs; however, the use of certificate secured VPNs has been limited, primarily due to the overhead and complexity introduced by certificate management. FortiAuthenticator removes this overhead involved by streamlining the bulk deployment of certificates for VPN use in a FortiGate environment by cooperating with FortiManager for the configuration and automating the secure certificate delivery via the SCEP protocol.

For client-based certificate VPNs, certificates can be created and stored on the FortiToken 300 USB Certificate store. This secure, pin protected certificate store is compatible with FortiClient and can be used to enhance the security of client VPN connections in conjunction with FortiAuthenticator.

Additional Features and Benefits

RADIUS and LDAP User Authentication Local Authentication database with RADIUS and LDAP interfaces centralizes user management
Wide Range of Strong Authentication Methods Strong authentication provided by FortiAuthenticator via hardware tokens, e-mail, SMS, e-mail and digital certificates help to enhance password security and mitigate the risk of password disclosure, replay or brute forcing
User Self-registration and Password Recovery Reduces the need for administrator intervention by allowing the user to perform their own registration and resolve their own password issues, which also improves user satisfaction
Integration with Active Directory and LDAP Integration with existing directory simplifies deployment, speeds up installation times and reutilizes existing development
Certificate Management Streamlined certificate management enables rapid, cost-effective deployment of certificatebased authentication methods such as VPN
802.1X Authentication Deliver enterprise port access control to validate users connection to the LAN and Wireless LAN to prevent unauthorized access to the network

Specifications:


FortiAuthenticator 800F
Hardware
10/100/1000 Interfaces (Copper, RJ-45) 4
SFP Interfaces 2
Local Storage 2x 2 TB Hard Disk Drive
Power Supply Dual (1+1) 300W Redundant Auto Ranging (100V–240V)
System Performance
Total Users (Local + Remote) 8,000
FortiTokens 16,000
RADIUS Clients (NAS Devices) 2,666
User Groups 800
CA Certificates 50
User Certificates 40,000
Dimensions
Height x Width x Length (inches) 1.75 x 17.0 x 27.61
Height x Width x Length (mm) 44 x 438 x 701.2
Weight 33.0 lbs (15.0 kg)
Environment
Form Factor Rack Mountable (1RU)
Power Source 100–240V AC, 50–60 Hz
Maximum Current 5A /100V, 2.5A /240V
Power Consumption (Average) 154 W
Heat Dissipation 703 BTU/h
Operating Temperature 0°C–40°C (32°F–104°F)
Storage Temperature -20°C–70°C (-4°F–158°F)
Humidity 5–95% non-condensing
System
Standards Supported 10/100/1000 Base-TX (GE), IP, Telnet, HTTP 1.0/1.1, SSL, RS232, NTP Client (RFC1305), RADIUS (RFC2865), LDAP (RFC4510), x.509 (RFC5280), Certificate Revocation (RFC3280), PKCS#12 Certificate Import, PKCS#10 CSR Import (RFC2986), Online Certificate Status Protocol (RFC 2560), EAP-TLS (RFC2716), Simple Certificate Enrollment Protocol (SCEP)
Management CLI, Direct Console DB9 CLI, HTTPS
High Availability Active-Passive HA and Config Sync HA
Compliance
Safety FCC Part 15 Class A, RCM, VCCI, CE, BSMI, KC, UL/ cUL, CB, GOST

Documentation:

Download the Fortinet FortiAuthenticator Series Datasheet (PDF).

It appears you don't have a PDF plugin for this browser. No biggie... you can click here to download the PDF file.

Pricing Notes:

Fortinet Products
FortiAuthenticator 800F Base Appliance
Fortinet FortiAuthenticator 800F Identity and Access Management
4x GE RJ45 ports, 2x GE SFP, 2x 2 TB HDD. Base License supports up to 8000 users. Expand user support to 18000 users by using FortiAuthenticator Hardware Upgrade License.
#FAC-800F
List Price: £20,880.32
Our Price: Request a Quote
FortiAuthenticator 800F FortiCare Premium Support
FortiAuthenticator-800F 1 Year FortiCare Premium Support
#FC-10-AC8HF-247-02-12
List Price: £4,176.07
Our Price: Request a Quote
FortiAuthenticator-800F 3 Year FortiCare Premium Support
#FC-10-AC8HF-247-02-36
List Price: £12,528.19
Our Price: Request a Quote
FortiAuthenticator-800F 5 Year FortiCare Premium Support
#FC-10-AC8HF-247-02-60
List Price: £20,880.32
Our Price: Request a Quote
FortiAuthenticator User Upgrade
Fortinet FortiAuthenticator 300F, 800F, 3000E or 3000F, 100 user upgrade
#FAC-HW-100UG
List Price: £854.30
Our Price: Request a Quote
Fortinet FortiAuthenticator 300F, 800F, 3000E or 3000F, 1000 user upgrade
#FAC-HW-1000UG
List Price: £2,571.56
Our Price: Request a Quote
Fortinet FortiAuthenticator 800F, 3000E or 3000F, 10000 user upgrade
#FAC-HW-10KUG
List Price: £15,369.48
Our Price: Request a Quote