FortiTrust Identity (FTI) is cloud-based and natively integrated with the Fortinet Security Fabric to deliver a rich set of security controls and centralized management of user authentications, including multi-factor authentication.
FTI enables you to begin your zero-trust journey with reliable user verification and strong authentication, plus ease-of-use for the end user. Adaptive, multi-factor, or passwordless authentication and identity federation for SSO across the enterprise hybrid environment are all included via user-based licensing.
Identity and Access Management Solution
Concerns about security, end-user experience, and the overall cost of a unified IAM (Identity and Access Management) solution are rising as enterprises embrace digital business initiatives—including work-from-anywhere for their workforce. FortiTrust Identity is a cloud-delivered IAM solution that uses modern authentication technologies while leveraging existing network infrastructure to enable organizations to secure user access to cloud and on-premises applications and services.
Learn More about:
Features & Benefits:
Centralized Authentication and Authorization Services
Ensure the right people get appropriate access to your data, resources, and applications across the enterprise
Identity and Multifactor Authentication Management
Increase certainty of user identity with the verification of another factor and adaptive authentication technique
Single Sign-on (SSO) for Cloud Applications and On-Prem Services
Fortinet SSO including modern authentication protocols federating identity for SSO (SAML, oAuth/OIDC, and API support)
Guest, BYOD, and Certificate Management
Customizable portals including self-service capabilities
Simplify Deployment and Identity Access Management
Natively integrated with Fortinet Security Fabric, no additional onsite hardware, software or ACL changes required for hybrid IT environment
Integration with Secure Directories, and Interoperable with External Cloud Identity Proiders (IDPS)
Leverage existing identity systems of record on-premises or in the cloud
Capabilities:
Highly Available Identity-as-a-Service
Hosted in Fortinet Data Center
24/7 Monitoring
Authentication Service
The authentication service built into FortiTrust Identity provides authentication for employees, partners, and contractors via our access identification and verification methods, including our IdP broker/proxy capability that works seamlessly with external IdPs. With FortiTrust Identity, organizations can consolidate several methods into one experience with a single view of managing identity. FortiTrust Identity supports industry authentication and authorization standards:
Cloud/web types: SAML, OAuth2, and OIDC
MFA or strong authentication: OTP, email, SMS (OTP), and FIDO2 security with a variety of hardware form factors and mobile apps. Organizations can choose a factor (or factors) that best fits their environment. Specifically, organizations can secure cross-platform token transfer with the mobile apps for their iOS and Android devices
Adaptive authentication uses the information gathered at a login attempt to evaluate the circumstantial risks of a given login attempt. This information includes time of day, geo-location, historical usage pattern, etc. The second authentication factor is only requested when that risk is higher than a predetermined threshold. Furthermore, the login attempt can be blocked if the circumstantial risk is high enough
SSO
SSO simplifies the end-user experience and reduces the need for repeated authentications to gain secure access across enterprise applications and services
Interoperability
FortiTrust Identity provides IdP broker/proxy capability outof-the-box for organizations that have identities managed across multiple external IdPs. This provides a centralized authentication service across these external IdPs, enabling organizations to have a uniform policy and MFA method independent from external IdPs
Integration
Integration natively with Fortinet Security Fabric, specifically with FortiGate, extends authentication services for secure user access to on-premises resources. No additional gateway or software agents are required to purchase, install, and maintain
Certificate Management
Streamlined certificate management enables rapid, costeffective deployment of certificates
Specifications:
Identity
Highly Available Secure Managed Service
Hosted in Fortinet Data Center
24/7 monitoring
Realm support to effectively allocate resources and better manage end users
Support for multiple MFA options: FortiToken Mobile, email, SMS
FortiToken Mobile Push
Login details pushed to phone for one-tap approval
View login details and approve or deny with one tap
Available on iPhone and Android platforms
Simple app install and activation
MFA Service Integrated with FortiGate and Other Fortinet Products
Protect local and remote FortiGate admin, firewall, and VPN users
Open API to use with any web-based application
Integration with FortiGate, FortiAuthenticator, FortiSandbox, and FortiADC out of the box
No additional hardware or software to purchase, install, and maintain
Add users directly from FortiGate
Remote FortiGate user support
FortiToken Mobile Token Codes
One-time token codes generated by mobile application
Support for iPhone, Android, Windows Universal Platform, and Windows platforms
Operates without cell service or Wi-Fi connection
Secure cross-platform token transfer for iOS and Android devices
