The FortiToken 300 is a USB Token for X.509 PKI certificates used in securing Internet transactions for applications including signing/encrypting email, PDF documents, Microsoft Office files, and software, as well as for strong authentication to your VPN or web-based applications. Client certificates are known to provide higher security than One-Time-Password (OTP) tokens for two factor authentication solutions, but the private key of the PKI certificate must be kept secret to be effective. Private keys generated and stored on FortiToken 300 PKI authenticators are more secure than private keys stored as files on local hard disks because FortiToken 300 cannot be coerced to expose the private key.
FortiToken-300 USB Smart Card Token Features & Benefits
- Driverless USB device simplifies client installation on a variety of platforms – Windows, Linux and MacOS
- High-performance smart card chip with on-board RSA, DES, 3DES, SHA-1 and random number generator provides for fast, secure processing
- FIPS-140 compliance for secure cryptographic operations
- MS-CAPI and PKCS#11 APIs supported for use with a wide range of applications
- Low cost PKI authenticator with no subscription charge making this an affordable option for strong authentication in the enterprise
- Two levels of password; user and admin allow for separate Token Manager Tools for end-user and admin
Leverage Existing Fortinet Platforms
Besides offering out-of-the-box interoperability with any time-based OATH compliant authentication server, such as the FortiAuthenticator from Fortinet, the FortiToken can also be used directly with the FortiGate® consolidated security platform, including High Availability configurations. FortiGate has an integrated authentication server for validating the FortiToken-200 OTP as the second authentication factor for SSL VPN, IPSec VPN, Captive Portal and Administrative login, thereby eliminating the need for the external RADIUS server ordinarily required when implementing two-factor solutions.
Online Activation with FortiGuard
You can activate your FortiToken-200 tokens online directly from FortiGate or FortiAuthenticator using the FortiGuard® Center, which maintains your token seeds in a managed service repository. Once the seeds are activated, they can no longer be accessed from FortiGuard, ensuring that your seeds are safe from compromise.