Skillfulist - Improve your soft-skills!
Fortigate

Fortigate IPS

March 25, 2012 by skillfulist No Comments

Fortigate IPS – Intrusion Prevention System

IPS is a way to stop malicious users from attacking your servers/PCs with exploits or any other kind of attack.

The Fortigate IPS uses the following two mechanisms to help you prevent attacks:

1. Protocol Decoders – used to define abnormal traffic

2. Signatures – predefined signatures are used to catch malicious traffic

 

IPS Sensor

Fortigate

Fortigate and WCCP

by skillfulist No Comments

Web Cache Communication Protocol – WCCP
Fortigate is compatible with WCCP version 2, which can be configured on the Fortinet firewall to optimize web traffic.

 

WCCP architecture

1. Routers (responsible for redirecting to the WCCP Server)

2. Web Cache – a cluster of servers

3. Service Groups – used to identify sensitive traffic and the encapsulation methods between endpoints in the config.

 

Fortigate•Fortinet

Fortigate Traffic Optimization

March 24, 2012 by skillfulist No Comments

Fortigate is capable of Traffic Optimization, isn’t that cool?

The following things can affect network and application performance:

1. Bandwidth

2. Latency

3. Throughput

4. Congestion

5. Packet Loss

 

The Fortinet firewall is capable of dealing with all of them by using the following WAN optimization techniques:

1. Protocol Optimization

2. Byte Caching

3. Web Caching

4. Transparent proxy

 

1. Protocol Optimization

It’s an application technique to improve the performance of HTTP, CIFS, FTP, MAPI and TCP protocol traffic.

I guess you know all of them except CIFS. This is the Common Internet File System protocol, which provides file access, record locking, change notification, etc.

General Security

What is a Firewall

March 19, 2012 by skillfulist No Comments


The firewall is probably the best-known security appliance. By definition, a firewall is a system or a group of systems that implements an access policy between two or more networks.

Firewalls can be classified into four main classes:

1. Dedicated firewalls

2. Router-integrated firewalls

3. Server-integrated firewalls

4. Personal firewalls

 

1. Dedicated firewalls are hosts that run an operating system designed for packet filtering and address translation. Examples are PIX systems or Checkpoint. These systems are capable of sustaining a large number of connections, but their routing facilities are extremely limited. In a simple network, the firewall can be used as a router. More complex networks need a separate router.

2. Firewalls integrated into routers are used to remove the previous insufficiency. This class cannot sustain the same number of connections, but it does better in more complex topologies, where you need the facilities of a router. Many products provide router-integrated firewall facilities, from firewall modules for high-end routers to extremely compact devices dedicated to SOHO networks.

Fortigate•Fortinet

Fortigate Routing

March 16, 2012 by skillfulist No Comments

In this article I will describe some of the routing capabilities that Fortigate has.

Routing Protocols

 

Fortigate supports many routing protocols:

1. Static Routes (not really a routing protocol 😉 )

2. BGP

3. RIP

4. OSPF

 

The Fortigate firewall also has a routing table that displays all the learned routes, as well as a FIB table. You might know about the FIB from Cisco CEF.

Routing Features: 

FIB 

The FIB contains all local and non-local routes that are known to the device. It is populated from the routing table. In High-Availability mode the FIB is replicated across the cluster, but only the Master builds the FIB, based on the routing table.

Reverse Path Forwarding (RPF)

This is used for anti-spoofing protection. You can find more about Reverse Path Forwarding here.

Bidirectional Forwarding Detection (BFD)

This addresses a weakness of dynamic routing protocols: they lack the fine granularity needed to detect device failures on the network and re-route around them. It works like the “hellos” of the OSPF routing protocol, but it actually connects to the router.

Default Administrative Distances for Fortigate:

1. The Fortigate Firewall assigns an AD of “20” to EBGP routes.

2. Static Routes have an AD of “10”

3. Connected Routes have an AD of “0”

4. When you configure the BGP protocol, a default route-map is created to make the AS non-transit (cool feature)

 

If you have any questions please ask.

 

 

Fortigate

Fortigate Conserve Mode – How to stop it and what it means

March 12, 2012 by skillfulist No Comments

The Fortigate firewall has several diagnostic tools, but you will mostly be faced with the following problems:

1. Conserve Mode

This problem happens when shared memory usage goes over 80%.
To exit conserve mode you have to wait (or kill some of the processes) until memory usage drops below 70%.

2. Antivirus FailOpen

This is a safeguard feature that determines the behavior of the Fortigate AntiVirus system when it becomes overloaded with high traffic.

You have several options for controlling this behavior:

# set av-failopen {off | one-shot | pass | idledrop}

Below we describe what each of them does:

a. Off – if the FG enters conserve mode, the Fortigate will stop accepting new AV sessions, but will continue to process currently active sessions.

Fortigate

How to Pass Fortinet FCNSA

March 10, 2012 by skillfulist No Comments

I thought it would be useful to list all my posts that are related to the Fortinet exam called FCNSA.

Here are my FCNSA Notes:

1. Fortigate Default Settings

2. Fortigate Default Protection Profiles

3. Fortigate Logging and Alerts 

4. Fortigate Antivirus and Antispam 

5. Fortigate service – Fortiguard 

6. Fortigate Authentication

7. Fortigate Antivirus

8. Fortigate Web Filtering 

 

Hope this helps you guys as it helped me pass my FCNSA exam.

 

 

 

Fortigate

Fortigate VDOMs

February 15, 2012 by skillfulist No Comments


 

What are Fortigate VDOMs (Virtual Domains)?

Fortigate VDOMs are like ASA contexts: you are able to split the firewall so it looks like you have two, each with different management and user groups. With ASA you lose some features when you enable contexts, but on the Fortinet firewall you do not lose any features. (Isn’t that just great?!)

VDOM features:

1. Have separate routing and firewall services

2. Each physical interface belongs to only one Virtual Domain

3. By default, for the VDOMs to communicate you need an external source (Internet) to allow the communication

4. By default, 10 VDOMs are supported (in NAT or Transparent modes)

5. The configuration file of the Fortigate holds all VDOM configuration, e.g. AntiVirus, IPS and System Time

 

I. VDOM Configuration Features:

Fortigate•Fortinet

Fortigate Tutorial – Web Filtering

January 30, 2012 by skillfulist No Comments


 

Fortigate processes Web Filtering options in the following order:

1. URL Filtering

2. Fortiguard Web Filtering

3. Content Exempt

4. Content Block

5. Script Filter

6. Antivirus

 

Let’s talk a little about all of them:

1. URL Filtering – you define what URLs the Fortigate can block

2. Fortiguard Web Filtering – based on the categories you choose, the Fortigate will block the pages

3. Web Content Block

This option blocks specific words or patterns. You can use Perl regular expressions and block content based on scores.

4. Web Content Exemption – allows the administrator to override the web content block feature.

Fortigate•Fortinet

Fortigate Tutorial – Spam Filtering

by skillfulist No Comments


 

Fortiguard uses the industry-standard definition of spam as Unsolicited Bulk Email.

Here are the spam filtering methods implemented by Fortinet in its appliances:

1. IP Address Check

2. URL Check

3. Email Checksum Check

4. Spam Submission

5. Block/White List

6. HELO DNS Lookup

7. Return E-mail DNS check

8. Banned Words

9. MIME check

10. DNS Blackhole List (DNSBL) and Open Relay Database List (ORDBL)

 

II. Fortiguard AntiSpam

Global Filters

1. FortiIP Sender IP Reputation Database (based on the reputation of the IP)
