Session Based Network Issues on 7060E?
So if you are running a 7060E chassis in your enterprise and you are suddenly experiencing strange behavior relating to session based traffic, disable the TCP-Options setting in config global. This is...
View ArticleEndpoint Security
Endpoint Security Endpoint security enforces the use of the FortiClient End Point Security (FortiClient and FortiClient Lite) application on your network. It can also allow or deny endpoints access to...
View ArticleTraffic Logging
Traffic Logging When you enable logging on a security policy, the FortiGate unit records the scanning process activity that occurs, as well as whether the FortiGate unit allowed or denied the traffic...
View ArticleNetwork defense
Network defense This section describes in general terms the means by which attackers can attempt to compromise your network using attacks at the network level rather than through application...
View ArticleDefending against DoS attacks
Defending against DoS attacks A denial of service is the result of an attacker sending an abnormally large amount of network traffic to a target system. Having to deal with the traffic flood slows down...
View ArticleConfiguring the SYN threshold to prevent SYN floods
Configuring the SYN threshold to prevent SYN floods The preferred primary defense against any type of SYN flood is the DoS anomaly check for tcp_syn_flood threshold. The threshold value sets an upper...
View ArticleDoS policies
DoS policies DDoS attacks vary in nature and intensity. Attacks aimed at saturating the available bandwidth upstream of your service can only be countered by adding more bandwidth. DoS policies can...
View ArticleAbout DoS and DDoS attacks
About DoS and DDoS attacks A denial of service (DoS) occurs when an attacker overwhelms server resources by flooding a target system with anomalous data packets, rendering it unable to service genuine...
View ArticleFortiOS DoS and DDoS protection
FortiOS DoS and DDoS protection FortiOS DoS protection identifies potentially harmful traffic that could be part of a DoS or a DDoS attack by looking for specific traffic anomalies. Traffic anomalies...
View ArticleFortiOS DDoS Prevention
FortiOS DDoS Prevention In addition to using DoS protection for protection against DoS attacks, FortiOS includes a number of features that prevent the spread of Botnet and C&C activity. Mobile...
View ArticleThe FortiGuard Center
The FortiGuard Center The FortiGuard Center shows information on all the most recent FortiGuard news, including information concerning zero-day research and hot intrusion detections. Research papers...
View ArticleClik here to view.
The Face You Make When Updating Firmware…
This is usually what I look like when updating any type of Fortinet device’s firmware….I’m sure I’m not alone!
View ArticleFirewall Policies
Firewall Policies The firewall policies of the FortiGate are one of the most important aspects of the appliance. There are a lot of building blocks and configurations involved in setting up a firewall...
View ArticleIPv4 Policy
IPv4 Policy To configure a IPv4 policy in the GUI Go to Policy & Objects > IPv4 Policy The right side window will display a table of the existing IPv4 Policies. l To edit an existing policy,...
View ArticleIPv6 Policy
IPv6 Policy To configure a IPv6 policy in the GUI Go to Policy & Objects > IPv6 Policy The right side window will display a table of the existing IPv6 Policies. To edit an existing policy,...
View ArticleNAT64 Policy
NAT64 Policy To configure a NAT64 policy in the GUI Go to Policy & Objects > NAT64 Policy The right side window will display a table of the existing NAT64 Policies. To edit an existing policy,...
View ArticleNAT46 Policy
NAT46 Policy To configure a NAT46 policy in the GUI Go to Policy & Objects > NAT46 Policy The right side window will display a table of the existing NAT46 Policies. To edit an existing policy,...
View ArticleCentral SNAT
Central SNAT Central NAT is disabled by default. To toggle the feature on or off, use the following commands: config system settings set central-nat [enable | disable] end When Central NAT is enable...
View ArticleIPv4 Access Control List
IPv4 Access Control List The IPv4 Access Control List is a specialized policy for denying IPv4 traffic based on: l the incoming interface l the source addresses of the traffic l the destination...
View ArticleIPv6 Access Control List
IPv6 Access Control List The IPv6 Access Control List is a specialized policy for denying IPv6 traffic based on: l the incoming interface l the source addresses of the traffic l the destination...
View Article