Chapter 18 Troubleshooting : ­Verifying FortiGate admin access security
  
­Verifying FortiGate admin access security
FortiOS provides a number of methods that help to enhance FortiGate administrative access security. This section describes FortiGate administrative access security best practices.
Install the FortiGate unit in a physically secure location
Add new administrator accounts
Change the admin account name and limit access to this account
Only allow administrative access to the external interface when needed
When enabling remote access, configure Trusted Hosts and Two-factor Authentication
Change the default administrative port to a non-standard port
Enable Password Policy
Maintain short login timeouts
Modify administrator account Lockout Duration and Threshold values
Disable auto installation via USB
Auditing and Logging