Is FortiGate as a local FSSO poller with multiple DCs possible?

J13224
2018/07/11 13:56:58

Can FSSO work in a small AD network with 2 DCs using the FG as a local FSSO poller (agentless)?
I have it configured with 2 SSO connections, one to each DC, but it does not seem to be capturing logons to the 2nd DC.
 
I have seen mixed information as to if this is possible without an "external" collector agent.
 
Thanks,

    xsilver_FTNT
    2018/07/12 00:48:09
    Hi J13224,
    Local polling from FortiGate is possible.
    However, it has its limits. Mainly:
    - no workstation checks
    - no other methods of log collection but WinSec polling only, with fixed EventIDs polled
    - no IP change monitoring
    - logon processing load affects the firewall

    A standalone Collector Agent is, from my point of view, a much better solution.
    Even for small environments like 1-2 DCs.
    I would suggest installing the Collector on one DC (or both for resiliency, but FortiGate will use only one at a time and switch to the other when the old one is unreachable).
    And I would suggest using WinSec polling with WMI (last polling option in settings).
     
    Kind regards,
    Tomas
