FortiToken
One Time Password Token for Strong Authentication
Strong Authentication at Your Fingertips
The FortiToken-200 allows organizations to deploy a two-factor authentication solution. It is an easy-to-use, one-time password (OTP) token that reduces the risk of compromise created by alternative single-factor authentication systems relying on, for example, static passwords. The FortiToken enables administrators with the need for two-factor authentication to offer enhanced security for both remote and on-premise users.
The FortiToken-200 is a part of Fortinet’s broad multi-factor authentication product strategy; it ensures that only authorized individuals access your organization’s sensitive information -- enabling business, protecting your data, lowering IT costs, and boosting user productivity.
click to enlarge
FortiToken Advantages
- Reduces costs and complexity by using your existing FortiGate as the two-factor authenticator
- Token seed repository by FortiGuard™ minimizes provisioning headaches
- Perpetual token license eliminates annual subscription fees
- Low cost of entry with scalability
|
Main Features
- Integrated with FortiClient™ and protected by FortiGuard™
- Standards-compliant
- Synchronized with FortiGate®p OTP dbase
- Short-duration (60-seconds), time based , 6-digit password
|
Leverage Existing Fortinet Platforms
Each FortiGate™ consolidated security platform is able to provide an integrated authentication server. Combining this authentication capability with the FortiToken eliminates the need for the external server typically required when implementing two-factor solutions.
The short-lived, time-based token adds strong authentication to secure remote Virtual Private Network (VPN) IPSEC access, SSL VPN access, Wi-Fi Captive Portal network logon and FortiGate Administrator login. The token always remains synchronized with the FortiGate controller.
Seeds Managed by FortiGuard®
The FortiGuard™ Center maintains your token seeds in a cloud-based repository. Once a FortiToken has been registered, FortiGuard securely distributes the necessary token seeds to FortiGate to complete the process. When required by identity based security policies, the FortiGate is able to verify the users 6-digit OTP against its own database.
FortiGate Model |
FortiWifi Model |
Max # of FortiTokens |
FortiGate-50B |
FortiWiFi-50B |
20 |
FortiGate-60B/60C
FortiGate-80C
|
FortiWiFi-60C
FortiWiFi-80C
|
500 |
FortiGate-110C/FortiGate-111C
FortiGate-200B/FortiGate-200B-POE
FortiGate-310B/FortiGtate-311B
FortiGate-620B/FortiGate-621B
FortiGate-800
|
|
1,000 |
FortiGate-1240B
FortiGate-3016B
FortiGate-3040B/FortiGate-3140B
FortiGate-3600A
|
|
5,000 |
FortiGate-3810
FortiGate-3950B/FortiGate-3951B
FortiGate-5001A/FortiGate-5001B
|
|
5,000 |
Standards and AAA Servers Compatibility
The FortiToken-200 is compatible with popular on-premise and remote access servers including Active Directory, LDAP and RADIUS. The FortiGate maintains the backend communication with these servers and at the same time manages the second factor authentication with the users. Moreover in combination with FortiGate, the token complies with OATH standards.
Resilient Design
The FortiToken-200 comes in tamper-resistant/tamper-evident packaging for additional security. The token also has a tamper-proof memory design which protects the internal synchronous dynamic password generator.
Embedded Security Algorithm |
OATH TOTP (Time-based) |
Component |
Built-in Button 6 Character LCD Screen Globally Unique Serial Number |
Battery Lifetime |
Up to 5 Years / Up to 14000 dynamic passwords |
Operating Temperature |
-10°C to 50°C |
Storage Temperature |
-20°C to 70°C |
Water-Resistant |
IP68 (Ingress Protection) |
Casing |
Hard Molded Plastic (ABS) Tamper-Evident /Tamper- Resistant |
Secure Storage Medium |
Static Random Access Memory (RAM) |
Battery Type |
Standard Lithium Battery |
Hardware |
RoHS Compliant |