Unified Identity and Access Management Architecture
This technical demonstration showcases Fortinet's integrated IAM solution combining FortiPAM (Privileged Access Management), FortiAuthenticator Cloud, and FortiIdentity Cloud. The architecture supports both internal and remote users. FortiAuthenticator provides primary authentication through RADIUS or SAML integration with third-party identity providers, including Entra ID, Okta, and Active Directory, or through local authentication. FortiIdentity Cloud adds multi-factor authentication through mobile push notifications or email verification. The solution addresses the complexity of merging multiple identity providers during company acquisitions and mergers, offering a unified authentication environment applicable to MSSPs and enterprises of any size.
Role-Based Access and Session Management
FortiPAM delivers differentiated user experiences based on role classification. Contractors receive simplified dashboards with pre-configured access to specific targets, while employees access more robust dashboards with expanded capabilities. The platform supports multiple access methods, including SSH via PuTTY, WinSCP, WebSSH, WebSFTP, Remote Desktop, and Web RDP launchers. A key security feature is comprehensive session recording that captures not only access events but also the actual commands executed within target systems. The auto-provisioning capability automatically creates privileges and access to secrets for authenticated users, reducing administrative overhead while maintaining security controls.