FortiGate Operator Learning Notes
FortiGate is a next-generation firewall (NGFW) that delivers industry-leading enterprise security with full visibility and threat protection.
Using FortiGate, organizations can achieve:
- Ultra-fast security throughout their network
- A consistent real-time defense
- An excellent user experience
- Operational efficiency and automated workflows
Note: training course - https://training.fortinet.com/course/view.php?id=39326
1. FortiGate Overview
2. Configuring Interfaces and Routing
3. Firewall Policies
4. Authenticating Network Users
5. Inspect SSL Traffic
6. Blocking Malware
7. Control Web Access Using Web Filtering
8. Configuring the FortiGate Intrusion Prevention System
9. Controlling Application Access
10. Creating IPsec Virtual Private Networks
11. Configuring FortiGate SSL VPN
12. FortiGate System Maintenance and Monitoring
13. Configuring the Fortinet Security Fabric
FortiGate Overview
FortiGate Platform Structure
Models
Configuring Interfaces and Routing
LAN - DHCP
WAN
Default route and static routes
A static route includes:
- Destination
- Gateway address
- Interface
Verify the route from Dashboard > Network > Static & Dynamic Routing widget (click to expand).
Policies
By default, the inspection mode of a new firewall policy is set to Flow-based.
Flow-based inspection
Proxy-based inspection
Change Inspection Mode:
From the CLI, use the following commands to change the inspection mode:
config firewall policy
    edit <policy ID>
        set inspection-mode <flow or proxy>
end
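To review which mode each policy uses without opening every rule, the added example below (not part of the course material) reads a configuration backup and reports the inspection mode per policy. It assumes the backup omits settings left at their default, so a policy without an inspection-mode line is reported as flow; the sample config, policy names and gateway address are constructed.

```python
# Assumption: a backup omits default settings, so a policy with no
# inspection-mode line is in flow mode (the default stated in these notes).
DEFAULT_MODE = "flow"

# Constructed sample in the style of a FortiOS config backup (not from the page).
SAMPLE_CONFIG = """\
config firewall policy
    edit 1
        set name "Internet Access"
        set action accept
    next
    edit 2
        set name "Guest Web"
        set inspection-mode proxy
    next
end
config router static
    edit 1
        set gateway 192.0.2.1
    next
end
"""

def policy_inspection_modes(config_text):
    """Map policy ID -> {"name", "mode"} for entries of 'config firewall policy'."""
    policies, depth, in_table, current = {}, 0, False, None
    for raw in config_text.splitlines():
        parts = raw.strip().split(None, 2)
        if not parts:
            continue
        if parts[0] == "config":
            depth += 1
            if depth == 1:  # only the top-level table, not nested sub-tables
                in_table = parts[1:] == ["firewall", "policy"]
        elif parts == ["end"]:
            depth = max(depth - 1, 0)
            in_table = in_table and depth > 0
        elif in_table and depth == 1:
            if parts[0] == "edit" and len(parts) > 1:
                current = parts[1]
                policies[current] = {"name": "", "mode": DEFAULT_MODE}
            elif parts[0] == "next":
                current = None
            elif parts[0] == "set" and current and len(parts) == 3:
                if parts[1] == "name":
                    policies[current]["name"] = parts[2].strip('"')
                elif parts[1] == "inspection-mode":
                    policies[current]["mode"] = parts[2]
    return policies
```

Calling policy_inspection_modes(SAMPLE_CONFIG) reports policy 1 as flow and policy 2 as proxy; the edit 1 entry under config router static is ignored because it belongs to a different table.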
Internet Access Policy Rule example:
Show Matching logs
- Create a user account
- Configure Remote auth
- Create a user group
- Add authentication to a firewall policy
- Verify and monitor firewall authentication