Skillfulist - Improve your soft-skills!
Skillfulist - Improve your soft-skills!
  • Home
  • Influence
  • Leadership
  • Hiring
  • Management
  • About
  • Contact
Fortigate•Fortinet

Fortigate Tutorial – Spam Filtering

January 30, 2012 by skillfulist No Comments

Fortigate Tutorial – Spam Filtering

 

Fortiguard uses the industry standard definition of spam as Unsolicite Bulk Email.

Here are the Spam Filtering Methods implemented by Fortinet to its appliances:

1. IP Address Check

2. URL Check

3. Email Checksum Check

4. Spam Submission

5. Block/White List

6. HELO DNS Lookup

7. Return E-mail DNS check

8. Banned Words

9. MIME check

10. DNS Blackhole List (DNSBL) and Open Relay Database List (ORDBL)

 

II. Fortiguar AntiSpam

Global Filters

1. FortiIP Sender IP Reputation Database (based on the reputation of the IP)

Continue reading
Share:
Reading time: 2 min
Fortigate•Fortinet

Fortigate | Fortinet Antivirus

January 27, 2012 by skillfulist No Comments

Hello,

 

It this post i will talk about the AntiVirus feature of Fortigate. Since the firewall from Fortinet has a lot of features it is normal that AntiVirus is one of them.

[singlepic id=5 w=320 h=240 float=]

The processing of the Antivirus application goes as following:

1. File Filter -first it checks if any files match a file filter defined by you. Ex: block any “.exe” files

2. Virus Scan – it then scans the file for known viruses

Continue reading
Share:
Reading time: 1 min
Fortigate•Fortinet

Fortigate Tutorial – Authentication

January 26, 2012 by skillfulist No Comments

 

Fortigate Tutorial 4 – Authentication

 

The Fortigate aplience support different types of authentication.

Let’s discuss them here:

1. LDAP

Fortigate support all servers that are LDAP compliant. It supports up to LDAPv3

Also LDAP over SSL/TLS is supported. One downside of using LDAP is that the Fortinet firewall does not  supply any information on why the user authentication failed. For the reason you must check the Server itself.

2. Local Users

You can define local users on the Fortigate itself, by defining a user name and a password for the user.

3. RADIUS

Radius is also supported on the Fortigate. For this you just define a RADIUS server and define the shared key between the RADIUS server and the FG.

Continue reading
Share:
Reading time: 2 min
Fortigate•Fortinet

Fortigate Tutorial – Fortiguard

by skillfulist No Comments

 

Fortiguard Services

[singlepic id=1 w=320 h=240 float=]

Fortinet provides a world wide coverage of Fortiguard sevices through the Fortiguard Serice Points. The communication between your FortiGate appliance and the Fortiguard Service Points is possibled on port UDP 53 but it can also be changed to port 8888.

Since Fortigate firewalls are placed all over the world, the use DNS so you can get the closest one to you.

 

The updates issued by Fortiguard can only be received on port UDP 9443, so be carefull to not have this port closed.

Caching is available for the following UTM appliances: Web-Filter and AntiSpam. This option is strongly recommeded as it imporves performance by reducing Fortigate unit registration to the Fortiguard service. The space that cache uses is only a small percentage of the System memory that the firewall can have.

In the situation that the cache is full, the oldest cache is deleted.

You also have a TTL option that controls the number of seconds to store the IPs and URLs that the Fortiguard service provides before contacting it again.

Share:
Reading time: 1 min
Fortigate•Fortinet

Fortigate Troubleshooting – DHCP

by skillfulist No Comments

All of us have problems sometimes with DHCP, especially if we use the Fortigate it as a DHCP relay server.

 

The following commands are used to best troubleshoot the DHCP process:

#diag debug en
#diag debug console timestamp en

The following is used if we use IPSec DHCP relay

#diag debug app dhcprelay 7

The following is used if we are using IPsec DHCP Server

#diag debug app dhcps 7

Share:
Reading time: 1 min
Fortigate•Fortinet

Fortigate Tutorial – Logging and Alerts

by skillfulist No Comments

Here is the 2nd Tutorial that i created, hope you enjoy this one too.

 

Logging and Alerts 

[singlepic id=3 w=320 h=240 float=]

Fortigate can store its logs in the following:

1. Local HDD – this option can be enabled from the CLI

2. FortiAnalyzer – this is my favorite. It is a device to which Fortigate sends all the logs and then you can create pretty reports.

This option can be enabled by providing the IP of the FortiAnalyzer(FA) or by using “Automatic Discovery”, but for the automatic discovery you will need to have the FA in the same subnet as the Fortigate.

Continue reading
Share:
Reading time: 1 min
Fortigate•Fortinet

Fortigate AntiVirus and AntiSpam

January 25, 2012 by skillfulist No Comments

 

Fortigate AntiVirus and AntiSpam

 

As we all know Fortigate provides a lot a features for only one device.

Let’s see how some of them work:

I. AntiVirus 

This tool scans the traffic and applies the following rules:

1. File size – if a file is large that what you define, then this gets dropped

2. File pattern – if a file matches a pattern, it get dropped

3. Virus scan – it scans a file for virus, if it gets a positive then it gets dropped

4. Grayware – scans for grayware programs

5. Heuristic – scans with an heuristic algorithm

6. File type – you can define some types that gets dropped

 

II. AntiSpam

Continue reading
Share:
Reading time: 1 min
Fortigate•Fortinet

Fortigate Tutorial – Firewall Default Settings

by skillfulist No Comments

 

Fortigate Tutorial 1 – Firewall Default Settings

You just bought a Fortigate? I want to tell you from the beginning GREAT PICK!

Much easier to use than the Cisco ASA and a more friendly GUI then ASDM.

[singlepic id=2 w=320 h=240 float=]

So now you added your Fortigate(maybe 50B like in the pic) to the network and you do not know where to go next?

 

Here are the default settings for almost all of the Fortigate Firewall:

Internal: 192.168.1.99

WAN1: 192.168.100.99

WAN2: 192.168.101.99

 

DHCP is enabled by default on the internal interface with the following scope: 192.168.1.110 till 192.168.1.210

Default username: Admin

Default password: <none>

 

Now you can connect to the firewall with SSH on port 22 and go from there.

Hope you enjoy the Fortigates as much as i do.

 

See you in the next tutorial!

 

gt;

Share:
Reading time: 1 min

Categories

  • ASA
  • Call Manager
  • CCIE Notes
  • Fortigate
  • Fortinet
  • General Security
  • Influence
  • Leadership
  • Linux
  • Misc
  • News
  • Political Management

Most Popular Posts

  • Fortigate Tips and Tricks
  • Fortigate VDOMs
  • Fortigate Troubleshooting - DHCP
  • How to adopt a win-win attitude - 5 Easy steps
  • Fortigate Troubleshooting - VPN
  • CCIE notes - Security part 1
  • 7 Ways to Inspire Others
  • Fortigate Conserve Mode - How to stop it and what it means
  • 10 Ways to Engage Your Team!
  • Fortigate Traffic Optimization

Skillfulist Facebook Page

Skillfulist Facebook Page

Newsletter

Recent Posts

  • How to Deal with a Bad Boss – 6 Secrets from a Good Boss
  • 10 Ways to Engage Your Team!
  • 7 Ways to Inspire Others
  • Coaching employees – 7 questions to ask
  • How to adopt a win-win attitude – 5 Easy steps

© 2017 copyright PREMIUMCODING // All rights reserved
Lavander was made with love by Premiumcoding
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.Accept Read More
Privacy & Cookies Policy