[PDF] [PDF] Secure Remote Access for Students, Faculty, and Staff at - Fortinet

[PDF] Secure Remote Access for Students, Faculty, and Staff at - Fortinet

26 mar 2020 · continuity and security For Fortinet customers, our solution includes integrated support for remote access FortiGate next-generation firewalls 

[PDF] FortiClient Data Sheet - Fortinet

Unified Endpoint features including compliance, protection, and secure access into a single, modular lightweight client Zero Trust Applied, with automatic, 

[PDF] FortiClient Administration Guide, v641 - Fortinet Knowledge Base

24 août 2020 · FortiClient also provides secure remote access to corporate assets via VPN with native two-factor authentication coupled with single sign on (SSO) 

[PDF] How to configure FortiOS SSL VPN with FortiToken - Fortinet

config vpn ssl settings set tunnel-ip-pools "SSLVPN_TUNNEL_ADDR1" end config vpn ssl web portal edit "full-access" set allow-access web ftp smb telnet ssh 

[PDF] Installing, Configuring and Using Fortinet VPN Client for Windows

Configuration 1 Launch the FortiClient (orange shield icon on your Desktop) 2 Select the Remote Access tab on the left 3 Click the Configure VPN link in the 

[PDF] FortiClient & FortiClient EMS New Features Guide - AWS

9 fév 2021 · To configure SAML SSO authentication for a personal VPN tunnel in FortiClient ( Windows), on the Remote Access tab, edit or create a new VPN 

[PDF] FortiNAC FortiGate VPN Integration - AWS

11 mar 2021 · FortiGate firewall rules exist to restrict all network access from the VPN interface and remote IP address range configured for VPN connections

[PDF] FortiClient VPN Compliance Access - Fortixpert

3 Solution Architecture Restrict VPN access to rogue/noncompliance devices with Security Fabric FortiGate Internal Network VPN EMS Server Internet 

[PDF] Secure Remote Access & Mobility Advanced Threat Protection

Easy-to-use secure remote access via SSL and IPsec VPN Advanced Threat FortiClient connects every endpoint to form a cohesive security fabric FortiGate

[PDF] fortinet vpn manual

[PDF] fortinet vpn pricing

[PDF] fortinet vpn print instructions

[PDF] fortinet vpn print instructions greyed out

[PDF] fortinet warranty check by serial number

[PDF] fortios

[PDF] fortios 6.0 0

[PDF] fortios 6.0 4

[PDF] fortios 6.0 6

[PDF] fortios 6.4 datasheet

[PDF] fortios release dates

[PDF] fortios upgrade path

[PDF] fortipresence

[PDF] fortisandbox rest api reference

[PDF] fortisandbox 1000d datasheet

1

Secure Remote Access for Students, Faculty,

and Staff at Scale

Executive Summary

Schools and universities face a number of different potential emergency situations, such as illness, ood, hurricanes, and power outages. Implementing a virtual learning plan for your campus or district is essential to ensuring your syst ems are capable of conducting classes and lessons while maintaining the minimum days requirement for public K-12 school districts in the face of adversity. The ability to support students, faculty, and staff with the secure access and appropriate web ltering to study and work remotely is essential to ensuring continuity and security. For Fortinet customers, our solution includes integrated support for remote access. FortiGate next-generation rewalls (NGFWs) have built-in support for virtual private networks (VPNs), enabling remote students and employees to connect securely to the school or campus network when necessary or required. With secure

connectivity, provided by FortiClient, schools and universities can support both cloud-based eLearning and remote work with options to split the trafc as needed

and only require a secure connection to the school or university when accessing data in those environments. The majority of education customers may have no requirement to connect directly to the school or university. The ability to securely support a remote learning policy is an essential component of any continuity and disaster recovery plan. A campus may be incapable of sustaining normal courses and activities onsite, due to a power outage or similar e

vent, or illness or ooding may make it unsafe for students and staff to travel onsite. In the case of K-12, all

remote students are still required to be ltered for Children"s Internet Protection Act (CIPA) compliance. You could be subject to costly audits at a later date for failing to provide ltering. In these scenarios, a school must still be capable of supporting secure and ltered remote connectivity. For Fortinet customers, their existing technology deployment already contains this functionality. FortiGate NGFWs have integrated support for IPsec and SSL VPNs, enabling secure connectivity for partners, students, and faculty and staff working en-USfrom any location.

Securing Remote Users with FortiGate NGFWs

Fortinet solutions are designed to be easy to use from initial purchase through end of life. FortiGate NGFWs include zero-touch deployment functionality. This enables appliances deployed at remote sites, to ensure educational continuity and support for virtual learning through automated setup. The IPsec and SSL VPN integrated into every FortiGate NGFW offers an extremely exible deployment model. Remote students and staff can either take advantage of a clientless

experience or gain access to additional features through the FortiClient endpoint solution.Initiatives that issue laptops to

students have shown signicant positive impact on student test scores in English/language arts, writing, math, and science. 1

Google for Education and similar

services ease administration for teachers, provide new and innovative ways to engage students, and provide students with creative problem-solving skills. 2

Google for Education and similar

services can provide a paperless classroom with easy accessibility, and can help K-12 students transition to other learning management systems used in higher education. 3

Findings show that eLearning

increases retention rates 25% to 60% while retention rates of face-to-face training are only 8% to 10%. 4

SOLUTION BRIEF

2 SOLUTION BRIEF | Secure Remote Access for Students, Faculty, and Staff at Scale The Fortinet Security Fabric takes advantage of a common Fortinet operat ing system and an open application programming interface (API)

environment to create a broad, integrated, and automated security architecture. With the Fortinet Security Fabric, all devices, including

those deployed remotely to support remote learning and work, can be monitored and managed from a single pane of glass. From a

FortiGate NGFW or a FortiManager centralized management platform deploye d in the main campus, the network and security team ca n achieve full visibility into all connected devices, regardless of their deployment situation.

In the event of a natural disaster or other event that disrupts normal operations, an organization must be capable of rapidly transitioning to

a fully remote online education system. Table 1 shows the number of concurrent VPN users that each model of the FortiGate NGFW can

support. Beyond offering encryption of data in transit, via an IPsec or SSL VPN and FortiC lient, Fortinet solutions offer a number of other features that can help an organization to secure its remote workforce. These features include:

Data loss prevention (DLP). FortiGate and FortiWiFi provide DLP functionality for remote workers, which is essential for teleworking

executives with frequent access to sensitive company data.

Endpoint security. FortiEDR provides advanced threat protection for remote workers' computers including automated remediation.

Advanced threat protection. FortiSandbox offers analysis of malware and other suspicious content within a sandboxed environment

before it reaches its destination.

Wireless connectivity. FortiAPs provide secure wireless access at remote work locations with full integration and configuration

management in a single pane of glass.

Device access management. FortiNAC is able to enforce bring-your-own-device (BYOD) policies even over remote VPN connections,

allowing the school to control what types of devices can connect and what access they receive.

Telephony. FortiFone is a secure, Voice over IP (VoIP) telephony solution, whose traffic is secured, managed, and monitored by a

FortiGate NGFW.

Software-defined wide-area network (SD-WAN). Secure SD-WAN functionality integrated into every FortiGate NGFW provides

direct-to-internet connectivity for cloud-based resources and optimization of VoIP and video trafc. Model

Concurrent SSL VPN

Users

Concurrent IPsec VPN

Users

Managed FortiAPs

(Tunnel Mode)

100E50010,00032

100F50016,00064

300E5,00050,000256

500E10,00050,000256

600E10,00050,000512

1100E10,000100,0002,048

2000E30,000100,0002,048

All Larger Models*30,000200,0002,048

*3300E supports 1,024 Tunnel Mode APs Table 1: Number of concurrent VPN connections supported by various models of FortiGate NGFWs. Use Cases for Fortinet Products Supporting Remote Education, Teaching, a nd Work

Not every student or employee in education institutions requires the same level of access to resources when learning and working remotely.

Fortinet provides tailored solutions for every remote student, teacher, and administrator: 1.

Student. Most students and teachers will primarily require access to a learning management system, generally provided via the cloud.

They might also require access to email, internet, teleconferencing, and le sharing from home. This includes access to Software-as-a-

Service (SaaS) services in the cloud, such as Google for Education, an d online teleconferencing such as Google Hangouts, Microsoft

Teams, and Zoom.

3 SOLUTION BRIEF | Secure Remote Access for Students, Faculty, and Staff at Scale Students, teachers, and IT administrators can connect using FortiGate in tegrated SSL VPN client software or via the FortiClient endpoint security solution. They may also require authentication to Google for Education or Microsoft AD. Figure 1: Fortinet solution deployment for standard students, faculty, and staff.

The Fortinet Security Fabric solution FortiAuthenticator provides single sign-on (SSO) to Google and Microsoft environments and allows

for multi-factor authentication (MFA). The split tunnel capabilities of the FortiClient allow for the most

exible deployment while maintaining web ltering and security for all trafc. Even when connecting dir ectly to the internet, web-ltering and malware policies are enforced and auditable. This includes SSO capabilities with Microsoft and Google. Figure 2: Fortinet SSO solution deployment for Microsoft and Google with FAC (FortiAuthenticator). 4 SOLUTION BRIEF | Secure Remote Access for Students, Faculty, and Staff at Scale 2.

Advanced administrators, and faculty and staff. These users require access to a learning management system, generally provided via

the cloud. Staff users may require access to function-specic capabilities (HR, administration, etc.) from their remote worksite. Faculty and staff can also connect to the organization using the FortiGate integrated IP sec or SSL VPN client or via the FortiClient endpoint solution.

Secure SD-WAN capabilities integrated into every FortiGate NGFW enable secure, direct-to-internet access to SaaS resources.

1*)-"*

1 1

1/&%"*,)"+/('$""*

1)'+',!($'/%&+

')+"&$/0) Figure 2: Fortinet SSO solution deployment for Microsoft and Google with FAC (FortiAuthenticator). Achieve Full Security Integration with Fortinet Solutions The Fortinet Security Fabric enables seamless integration of an organiza tion's remote workforce and student body. All Fortinet solutions are connected via the Fortinet Security Fabric, enabling single-pane-of-gl ass visibility, conguration, and monitoring. A number of Fabric connectors, an API environment, DevOps community support, and a large extended Security Fabric e cosystem enable integration with over

250 third-party solutions as well.

This is essential when an organization is preparing a business continuity plan, since a school may be forced to transition over to a fully

remote workforce with little or no notice. Single-pane-of-glass visibility and managem ent of an organization"s security architecture ensures that support for telecommuting does not jeopardize an organization"s cybersecurity.

Fortinet offers a number of solutions capable of supporting and securing a remote workforce. These solutions are available via exible

procurement options:

Bring-your-own-license (BYOL). Licenses purchased from a Fortinet channel partner for different products are transferrable across

platforms though the BYOL program.

Pay-as-you-go (PAYG). Fortinet solutions like FortiGate NGFW and FortiWeb Cloud web application firewalls (WAF)-as-a-Service can

be consumed using a PAYG on-demand usage model from the Amazon Web Services (AWS) and Google Cloud Marketplaces.

The following solutions are part of the Fortinet Security Fabric and support secure telework:

FortiClient. FortiClient strengthens endpoint security through integrated visibility, control, and proactive defense and enables

organizations to discover, monitor, and assess endpoint risks in real time.

FortiGate (BYOL, PAYG). FortiGate NGFWs utilize purpose-built cybersecurity processors to deliver top-rated protection, end-to-end

visibility and centralized control, as well as high-performance inspection of clear-texted and encrypted trafc.

FortiWiFi. FortiWiFi wireless gateways combine the security benefits of FortiGate NGFWs with a wireless access point, providing an integrated network and security solution for teleworkers. Copyright © 2020 Fortinet, Inc. All rights reserved. Fortinet , FortiGate , FortiCare and FortiGuard

, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law

trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other

results may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all wa

rranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed

by Fortinet"s General Counsel, with a purchaser that expressly warrants that the identied product will perform according to certain expressly-identied performance metrics and, in

such event, only the specic performance metrics expressly identied in such binding written contract shall be binding on

Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal con

ditions as in Fortinet"s internal

lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most

current version of the publication shall be applicable. Fortinet disclaims i

n full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this

publication without notice, and the most current version of the publication shall be applicable. www.fortinet.com

March 26, 2020 10:52 AM

Mac:Users:susiehwang:Desktop:Egnyte:Egnyte:Shared:Creative Services:Team:Susie-Hwang:Egnyte:Shared:CREATIVE SERVICES:Team:Susie-Hwang:2020:SB-Secure-Remote-Access-for-Student:sb-security-remote-access-for-student Folder:sb-security-remote-access-for-student-032620-1052am

SOLUTION BRIEF | Secure Remote Access for Students, Faculty, and Staff at Scale

623285-0-0-EN

FortiFone. FortiFone provides unified voice communications with VoIP connectivity that is secured and managed via FortiGate NGFWs.

The FortiFone soft client interface allows users to make or receive calls, access voicemail, check call history, and search the organization"s

directory right from a mobile device. FortiToken. FortiToken confirms the identity of users by adding a second factor to the a uthentication process through physical and mobile application-based tokens.

FortiAuthenticator. FortiAuthenticator provides centralized authentication services including single sign-on serv

ices, certificate management, and guest management.

FortiAP. FortiAP delivers secure, wireless access to distributed enterprises and remote workers and can be easily managed as a physical

appliance or via the cloud.

FortiWeb Cloud (BYOL, PAYG). Fortinet WAFs protect hosted web applications from both known vulnerabilities and zero-day threats

using multilayered and correlated detection methods.

FortiManager (BYOL). FortiManager provides single-pane-of-glass management and policy controls across the extended enterprise for

insight into networkwide, trafc-based threats. This includes features to contain advanced attacks as well as scalability to manage up to

10,000 Fortinet devices.

FortiAnalyzer (BYOL). FortiAnalyzer provides analytics-powered cybersecurity and log management to enable improved threat detection

and breach prevention.

FortiSandbox (BYOL, PAYG). Fortinet sandboxing solutions offer a powerful combination of advanced detection, automated mitigation,

actionable insight, and exible deployment to stop targeted attacks a nd subsequent data loss.

A Secure Foundation Ensures Education Continuity

Preparing for learning and operational continuity and disaster recovery is vital for school districts and universities. An important com

ponent of this is the ability to support a fully remote classroom and workforce with little or no notice.

When developing virtual learning continuity plans, it is essential to ensure that the school or university has the resources in place to secure

remote students and staff. Fortinet solutions are easily deployable and congurable and enable any school district or

university to maintain full security visibility and control regardless of their deployment environment. 1

Leo Doran and Benjamin Herold, “1-to-1 Laptop Initiatives Boost Student Scores, Study Finds," Education Week, May 17, 2016.

2 “Helping K-12 educators make a greater impact," Google for Education. 3 Matthew Lynch, “10 Benets of Google Classroom Integration," The Tech Edvocate, September 4, 2018. 4

Karla Gutierrez, “Facts and Stats That Reveal The Power Of eLearning," SHIFT eLearning, April 7, 2016.

quotesdbs_dbs21.pdfusesText_27