Chapter 18 Troubleshooting
:
Verifying FortiGate admin access security
Verifying FortiGate admin access security
FortiOS provides a number of methods that help to enhance FortiGate administrative access security. This section describes FortiGate administrative access security best practices.
•
Install the FortiGate unit in a physically secure location
•
Add new administrator accounts
•
Change the admin account name and limit access to this account
•
Only allow administrative access to the external interface when needed
•
When enabling remote access, configure Trusted Hosts and Two-factor Authentication
•
Change the default administrative port to a non-standard port
•
Enable Password Policy
•
Maintain short login timeouts
•
Modify administrator account Lockout Duration and Threshold values
•
Disable auto installation via USB
•
Auditing and Logging