Course Overview
In this course, you will learn how to use FortiAuthenticator for secure authentication and identity management. You will learn how to configure and deploy FortiAutheticator, use FortiAuthenticator for certificate management and two-factor authentication, authenticate users using LDAP and RADIUS servers, and explore SAML SSO options on FortiAuthenticator.
Who should attend
Anyone who is responsible for the day-to-day management of FortiAuthenticator should attend this course.
Prerequisites
You must have an understanding of the topics covered in FortiGate Security- NSE4 (FORT-SECI) and FortiGate Infrastructure- NSE4 (FORT-INFRA), or have equivalent experience.
It is also recommended that you have an understanding of Authentication, Authorization, and Accounting [/list]
System Requirements- If you take the online format of this class, you must use a computer that has the following:
- A high-speed Internet connection
- An up-to-date web browser
- A PDF viewer
- Speakers or headphones
- You should use a wired Ethernet connection, not a WiFi connection. Firewalls, including Windows Firewall or FortiClient, must allow connections to the online labs.
Course Objectives
After completing this course, you will be able to:
- Deploy and configure FortiAuthenticator
- Configure the LDAP and RADIUS services
- Configure the self-service portal
- Configure FortiAuthenticator and FortiGate for two-factor authentication
- Provision FortiToken hardware and FortiToken hardware / mobile software tokens
- Configure FortiAuthenticator as a logon event collector using the FSSO communication framework
- Configure portal services for guest and local user management
- Configure FortiAuthenticator for wired and wireless 802.1x authentication, MAC-based authentication, and machine-based authentication using supported EAP methods
- Troubleshoot authentication failures
- Manage digital certificates (root CA, sub-CA, user, and local services digital certificates)
- Configure FortiAuthenticator as a SCEP server for CRLs and CSRs
- Configure FortiAuthenticator as a SAML identity provider and service provider
- Monitor and troubleshoot SAML
- Configure FIDO for passwordless authentication
Outline: FortiAuthenticator - NSE6 (FORT-AUTHENTICATOR)
- 1. Introduction and Initial Configuration
- 2. Administrative Users and High Availability
- 3. Administering and Authenticating Users
- 4. Managing Users and Troubleshooting Authentication
- 5. Two-Factor Authentication
- 6. FSSO Process and Methods
- 7. FSSO Deployment and Troubleshooting
- 8. Portal Services
- 9. PKI and FortiAuthenticator as a CA
- 10. Certificate Management
- 11. 802.1X Authentication
- 12. SAML
- 13. FIDO2 Authentication