User Groups; Protection Profiles; Defining User Groups - Fortinet FortiGate User Manual

Users and user groups

User groups

Protection profiles

Defining user groups

1
2
3
4
5
6
FortiGate User Authentication Version 1 Guide
01-28007-0233-20050825
User groups have users or authentication servers as members. Firewall policies
and some types of VPN configurations allow access to user groups, not to
individual users.
Each user group is associated with a protection profile to determine the antivirus,
web filtering, spam filtering, and intrusion protection settings that apply to the
authenticated connection. The FortiGate unit contains several pre-configured
protection profiles and you can create your own as needed.
When you create or modify any firewall policy, you can select a protection profile.
But when a firewall policy requires authentication, its own protection profile is
disabled and the user group protection profile applies. For more information about
protection profiles, see "Protection profile" in the Firewall chapter of the FortiGate
Administration Guide for your unit.
Protection profiles do not apply to VPN connections.
You define a user group by typing a name, selecting users and/or authentication
servers and selecting a protection profile.
To define a group - web-based manager
Go to User > User Group.
Select Create New.
Enter a name for the user group.
One at a time, select user names from the Available Users list and select the right-
pointing arrow to move them to the Members List.
In the lists, users defined in User > Local are listed under Local Users and
authentication servers are listed under Users on RADIUS/LDAP servers.
If you are using this user group for firewall policy authentication, select a
protection profile.
Select OK.
User groups
17