Scribd
Upload
19 views

FortiGate_firewall_theory_Basics_1663081137

FortiGate NGFWs provide comprehensive security features such as IPS, web filtering, and SSL inspection, designed for scalable hybrid IT environments. The document outlines default configurations, access methods, operational modes, and the benefits of virtual domains, as well as high availability and quality of service techniques. Additionally, it covers FortiGuard features, transparent proxy functionality, and the FortiGate Clustering Protocol for enhanced security management.

Uploaded by

raj pandey
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
19 views

FortiGate_firewall_theory_Basics_1663081137

FortiGate NGFWs provide comprehensive security features such as IPS, web filtering, and SSL inspection, designed for scalable hybrid IT environments. The document outlines default configurations, access methods, operational modes, and the benefits of virtual domains, as well as high availability and quality of service techniques. Additionally, it covers FortiGuard features, transparent proxy functionality, and the FortiGate Clustering Protocol for enhanced security management.

Uploaded by

raj pandey
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

FortiGate Basics:

Introduction:

FortiGate NGFWs enable security-driven networking and consolidate industry-leading security


capabilities such as intrusion prevention system (IPS), web filtering, secure sockets layer (SSL)
inspection, and automated threat protection.

Fortinet NGFWs meet the performance needs of highly scalable, hybrid IT architectures, enabling
organizations to reduce complexity and manage security risks.

Some of Fortinet UTM Features:


- Security Profiles
- Traffic inspection
- IPS & IDS
- VPN
- Suspicious traffic attributes
- Application control
- AntiVirus
- FortiGuard Web Filtering
- Email filter
- Advance Threat Protection
- Web filtering
- Email filtering
- SD-WAN
-Vulnerability Assessment
-Switch & Wifi Controller

1. Default Username and Password

• Default Username: admin


• Default password is BLANK, means there is no password set for new FortiGate firewall.

2. Default Subnet and Management IP

• Default Subnet:192.168.1.0/24
• Default Management IP:192.168.1.99

3.Options available to access FortiGate

• GUI (HTTP and HTTPS


• Telnet
• SSH

4.You can access the CLI in three ways:

• Console Connection
• SSH Access
• FortiExplorer

5.FortiGate Modes

• NAT /Router Mode


• Transparent Mode

NAT Mode: FortiGate act as a Layer 3 Router or Gateway for Separate Vlans

Transparent Mode: FortiGate act as a bridge between the two networks and can provide security
features by inspecting the traffic passing through it.

6.Two main types of NAT:

Source NAT or SNAT

Destination NAT or DNAT

7.VDOMS:

VDOMS are nothing but virtual firewalls on main hardware. Two VDOMs can work as independent
firewalls with separate VPN,Security,NAT and Routing Policies.

Benefits of Virtual Domains:

1- Improving Transparent mode configuration


2- Easier administration
3- Continued security
4- Savings in physical space and power
5- More flexible MSSP configurations

8.HA Requirements:

• Same Firmware
• Same Model
• Same Hardware Specs

9.Heart Beat:

Heart Beat connections i.e back-to-back link for synchronizing and knowing the status of HA Pair.

10.HA Cluster setup ways

• Active-Active
• Active-Passive
• Virtual

11. FortiGuard

It’s Features

• Antivirus
• IPS
• Application Control
• Antispam
• Web Filtering
• WAF

12. QOS Techniques

Main QOS Techniques

• Traffic Policing
• Traffic Shaping
• Queueing

Traffic Policing: Rate limits the traffic and drops any traffic exceeds the configured limit

Traffic Shaping: Rate limits the traffic and buffers the extra traffic exceeding the limit.

13.Power off the FortiGate

Following ways to achieve the power off the FortiGate

Using GUI

Using CLI
• Using GUI

Go to Dashboard

In the System Resources widget, select Shutdown

• Using CLI

execute shutdown

14.Transparent Proxy:

In transparent proxy, we browsers are not aware of any proxy server and usual internet content is
accessible.

15.Zones:

Zones are used to group multiple interfaces in a virtual zone so that a common security policy can
be applied across zones, which will cover all underlying group of interfaces.

16.Command to communicate

what is the command Different interfaces under same zone cannot communicate to each other

• Set intrazone deny

17.Virtual Wire Pair:

Means to connect two interfaces so that they can forward traffic. It consists of two interfaces that
do not have any IP address and considered as transparent mode.

18.FGCP cluster?
FGCP stands for FortiGate Clustering Protocol. This is one of the proprietaries and popular high
availability solutions offered by Fortinet firewall. FortiGate High Availability solution mainly contains
two firewalls, which are used for configuring the high availability operation

You might also like