Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Jonathan_Body_FTNT
Staff
Staff

Created on ‎04-09-2010 08:57 AM

Article Id 195323

Technical Tip : FortiOS 4.0 MR2 Concurrent user name restriction feature

Description

This article explains how to enable the concurrent user name restriction feature that was introduced on the FortiGate in FortiOS 4.0 MR2.


Scope
FortiOS 4.0 MR2 and above.
Solution
This feature has been implemented in FortiOS to prevent users trying to spoof FortiOS Firewall Policy authentication by using valid domain user names to gain unauthorized access to the network.

When activated, the FortiGate checks and restricts concurrent access from the same user name, but using a different IP address.
 
To activate this profile on the CLI, perform the following:
 
#config system global
#set admin-concurrent enable/disable
#set policy-auth-concurrent enable/disable
#end
These options check existing firewall and admin users and will then restrict access when no match is found. 

2356
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.