Fortinet FortiToken™ 200 Two-Factor Authentication

The FortiToken-200 allows organizations to deploy a two-factor authentication solution. It is an easy-to-use, one-time password (OTP) token that reduces the risk of compromise created by alternative single-factor authentication systems relying on, for example, static passwords. The FortiToken enables administrators with the need for two-factor authentication to offer enhanced security for both remote and on-premise users. The FortiToken-200 is a part of Fortinet’s broad multi-factor authentication product strategy; it ensures that only authorized individuals access your organization’s sensitive information — enabling business, protecting your data, lowering IT costs, and boosting user productivity.

You cannot always trust your users with your network security. Relying solely on static passwords for remote access to your VPN and web sites provides only weak authentication because your users’ passwords are vulnerable to theft or guessing, as well as dictionary and brute-force attacks. No matter the size of your network, easy-to-use-and-deploy One Time Password (OTP) tokens let you solve this problem affordably by adding a second factor for strong authentication.

FortiToken-200 Features & Benefits:

• Extremely secure, strong authentication using OTP tokens ensures a high degree of identity certainty and enhances online trust
• Totally scalable security solution meets compliance requirements (e.g., HIPAA, PCI, FFIEC) and industry best-practices for all deployment sizes
• Long battery life, perpetual license, simple deployment model, and minimal required infrastructure gives you low cost of ownership for your strong authentication solution
• Zero client footprint lets you easily administer tokens for your remote users while the low learning curve ensures quick and painless adoption by end-users
• Tokens can be used for authentication to multiple online systems, and you can quickly reassign them among users, protecting your investment
• Highly secure seed delivery options allow you to manage your tokens flexibly in the way that makes most sense for your network operations and security requirements

Leverage Existing Fortinet Platforms

Each FortiGate™ consolidated security platform is able to provide an integrated authentication server. Combining this authentication capability with the FortiToken eliminates the need for the external server typically required when implementing two-factor solutions.

The short-lived, time-based token adds strong authentication to secure remote Virtual Private Network (VPN) IPSEC access, SSL VPN access, Wi-Fi Captive Portal network logon and FortiGate Administrator login. The token always remains synchronized with the FortiGate controller.

Seeds Managed by FortiGuard®

The FortiGuard™ Center maintains your token seeds in a cloud-based repository. Once a FortiToken has been registered, FortiGuard securely distributes the necessary token seeds to FortiGate to complete the process. When required by identity based security policies, the FortiGate is able to verify the users 6-digit OTP against its own database.

Standards and AAA Servers Compatibility

The FortiToken-200 is compatible with popular on-premise and remote access servers including Active Directory, LDAP and RADIUS. The FortiGate maintains the backend communication with these servers and at the same time manages the second factor authentication with the users. Moreover in combination with FortiGate, the token complies with OATH standards.

Resilient Design

The FortiToken-200 comes in tamper-resistant/tamper-evident packaging for additional security. The token also has a tamper-proof memory design which protects the internal synchronous dynamic password generator.

FortiClient PC Benefits:

• Reduces costs and complexity by using your existing FortiGate as the two-factor authenticator
• Token seed repository by FortiGuard™ minimizes provisioning headaches
• Perpetual token license eliminates annual subscription fees
• Low cost of entry with scalability

FortiClient PC Features:

• Integrated with FortiClient™ and protected by FortiGuard™
• Standards-compliant
• Synchronized with FortiGate® OTP dbase
• Short-duration (60-seconds), time based , 6-digit password