Today, when attacks on network infrastructure and exploitation of leaked passwords represent a daily threat, standard username and password authentication is no longer sufficient.
Securing your Fortinet VPN doesn’t have to be a burden for your IT team. With the GITRIX integration platform, you get robust multi-factor authentication (MFA) that we will completely prepare, configure, and deploy for you.
The Same Convenience as Logging into a PC
One of GITRIX’s greatest advantages is uniformity. Your SSO gateway (built on Keycloak technology) can use exactly the same methods for VPN that we set up for workstation logins:
- Smart Cards and SmartCard Logon: The user logs into the VPN using a certificate on a card and entering a PIN — exactly as they are used to from their morning Windows login.
- Mobile App (SignID): Simple confirmation via a push notification on a mobile phone or scanning an offline QR code.
- Passwordless methods: Full support for FIDO2, WebAuthn, or Crayonic biometric badges.
This eliminates the need to remember additional complex passwords while dramatically increasing your organization’s security level.
We Configure, You Profit: How Does the Integration Work?
The entire process of linking FortiGate and GITRIX SSO (via SAML 2.0 protocols) is our responsibility. Our specialists ensure complete technical implementation:
1. FortiGate Configuration (Service Provider)
During implementation, we will configure all SSO parameters in your FortiGate’s web interface. We will connect the GITRIX gateway address, upload the necessary certificates, and define attribute mappings (e.g., usernames and groups) directly from your Active Directory.
2. GITRIX SSO Configuration (Identity Provider)
In the GITRIX administration, we will create a corresponding client for your Fortinet. We will set up security policies so that MFA is enforced for VPN access exactly according to your needs — whether that’s a push notification or a hardware token.
Secure and Seamless Migration Under Our Supervision
Are you concerned about downtime or user confusion? With our approach, deployment is completely stress-free:
- Parallel operation: We will launch the new secured connection alongside your existing solution. This allows us to test everything on a selected pilot group and gradually migrate the rest of the company only when everything is 100% fine-tuned.
- High Availability (HA): For critical operations, we will design and deploy infrastructure in HA mode (Kubernetes k3s, MariaDB Galera Cluster), which guarantees resilience against hardware failures.
Securing remote access has never been easier. With GITRIX, you get a solution that meets strict legislative requirements (NIS2, eIDAS 2.0, CyberSec Act), and you don’t have to worry about the technical side — we’ll handle everything for you.
Want your Fortinet VPN secured this month? Contact us at info@gitrix.cz, our technicians will go through the options with you and prepare a pilot project directly in your environment.