Support User Manuals

Fortinet 5.0 Patch 6 Microscope & Magnifier User Manual

Open as PDF

of 705

Fortinet 51 FortiWeb 5.0 Patch 6 Administration Guide

See also

• Configuring access profiles

• Administrators

• Trusted hosts

Trusted hosts

As their name implies, trusted hosts are assumed to be (to a reasonable degree) safe sources of

administrative login attempts.

Configuring the trusted hosts of your administrator accounts (Trusted Host #1, Trusted Host #2,

and Trusted Host #3) hardens the security of your FortiWeb appliance by further restricting

administrative access. In addition to knowing the password, an administrator must connect only

from the computer or subnets

you specify. The FortiWeb appliance will not allow logins for that

account from any other IP addresses. If all administrator accounts are configured with specific

trusted hosts, FortiWeb will ignore login attempts from all other computers. This eliminates the

risk that FortiWeb could be compromised by a brute force login attack from an untrusted

source.

Trusted host definitions apply both to the web UI and to the CLI when accessed through Telnet,

SSH, or

th

e CLI Console widget. Local console access is not af

fected by trusted hosts, as the

local console is by definition not remote, and does not occur through the network.

Relatedly, you can white-list trusted end-use

r IP addresses. End users do not log in to the

web UI, but their connections to protected web servers are normally subject to protective scans

by FortiW

eb unless the clients are trusted. See “Blacklisting & whitelisting clients individually by

sour

ce IP” on page 335.

See also

• Administra

tors

• Configuring access profiles

• Permissions

Maximum concurrent administrator sessions

If single administrator mode is enabled, you will not be able to log in while any other account is

logged in. You must either wait for the other person to log out, or power cycle the appliance.

For details, see “Enable Single Admin User login” on page 54.

Global web UI & CLI settings

Some settings for connections to the web UI and CLI apply regardless of which administrator

account you use to log in.

To configure administrator settings

1. Go to System > Admin > Settings.

To ac

cess this part of the web UI, your administrator's account access profile must have

Read and Write permission to items in the System Configuration category. For details, see

“Permissions” on page 47.

previous next