As their name implies, trusted hosts are assumed to be (to a reasonable degree) safe sources of administrative login attempts.
Configuring the trusted hosts of your administrator accounts (
Trusted Host) hardens the security of your FortiADC appliance by further restricting administrative access. In addition to knowing the password, an administrator must connect only from the computer or subnets you specify. The FortiADC appliance will not allow logins for that account from any other IP addresses. If
all administrator accounts are configured with specific trusted hosts, FortiADC will ignore login attempts from all other computers. This eliminates the risk that FortiADC could be compromised by a brute force login attack from an untrusted source.
Trusted host definitions apply both to the web UI and to the CLI when accessed through Telnet, SSH, or the
CLI Console widget. Local console access is
not affected by trusted hosts, as the local console is by definition not remote, and does not occur through the network.