2.4.4 Ensure idle timeout time is configured


The idle timeout period is the amount of time that an administrator will stay logged in to the GUI without any activity.


Best practice dictates setting admin idle timeout to prevent the risk of unauthorized access to the device, such as someone using a logged-in GUI on a PC that has been left unattended.


This is to prevent someone from accessing the FortiGate if the management PC is left unattended.


To change the idle timeout in the GUI:

1) Login to FortiGate with Super Admin privileges
2) Go to 'System' > 'Settings'.
3) In the 'Administration Settings' section, set the 'Idle timeout' value to five minutes by typing 5.
4) Click Apply.

To change the idle timeout in the CLI:

config system global
set admintimeout 5

Default Value:

By default, it is set to five minutes.

See Also