Inside FortiOS: Denial of Service (DoS) protection
Inside FortiOS: Denial of Service (DoS) protection FortiOS DoS protection maintains network integrity and performance by identifying and blocking harmful IPv4 and IPv6-based denial of service (DoS)...
View ArticleNetwork defense – FortiOS 6
Network defense This section describes in general terms the means by which attackers can attempt to compromise your network using attacks at the network level rather than through application...
View ArticlePolicy configuration – FortiOS 6
Policy configuration The firewall policies of the FortiGate are one of the most important aspects of the appliance. There are a lot of building blocks and configurations involved in setting up a...
View ArticleObject configuration – FortiOS 6
Object configuration As was mentioned earlier, the components of the FortiGate firewall go together like interlocking building blocks. The Firewall objects are a prime example of those building blocks....
View ArticleFortiGate Address Objects
IPv4 addresses When creating an IPv4 address there are a number of different types of addresses that can be specified. These include: FQDN Geography l IP range l IP/Netmask l Wildcard FQDN Which one...
View ArticleDesign and Implementation White Board Session Updates
Got a whiteboard! Now I just have to get it installed. Should be up this week and then we can start pumping out some videos discussing design, implementation, and more!
View ArticleIPv6 addresses
IPv6 addresses When creating an IPv6 address there are a number of different types of addresses that can be specified. These include: l Subnet l IP Range – the details of this type of address are the...
View ArticleMulticast addresses
Multicast addresses Multicast addressing defines a specific range of address values set aside for them. Therefore all IPv4 multicast addresses should be between 224.0.0.0 and 239.255.255.255. More...
View ArticleProxy addresses
Proxy addresses This category of address is different from the other addresses in that it is not designed to be used in the normal firewall policy configuration. It is intended to be used only with...
View ArticleClik here to view.
Internet services
Internet services In FortiOS 5.4, support was added for Internet Service objects which could be used with FortiView, Logging, Routing and WAN Load Balancing. Now they can be added to firewall policies...
View ArticleFortinet Presenting On Tech Field Day Live
Hey Guys, check out Fortinet presenting on Tech Field Day Live (quick search on facebook will find the stream). Outside of the one guy needing to invest in an iron the content is pretty good.
View ArticleAddress groups
Address groups Address groups are designed for ease of use in the administration of the device. If you have a number of addresses or address ranges that will commonly be treated the same or require the...
View ArticleCreating an address group
Creating an address group Go to Policy & Objects > Addresses. Select the down arrow next to Create New, select Address Group. Choose the Category, that is applicable to the proposed selection of...
View ArticleVirtual IPs
Virtual IPs The mapping of a specific IP address to another specific IP address is usually referred to as Destination NAT. When the Central NAT Table is not being used, FortiOS calls this a Virtual IP...
View ArticleCreating a virtual IP
Creating a virtual IP Go to Policy & Objects > Virtual IPs. Select Create New. A drop down menu is displayed. Select Virtual IP. From the VIP Type options, choose an applicable type based on the...
View ArticleFQDN in VIPs
FQDN in VIPs Instead of mapping to an IP address a VIP can use a FQDN(Fully Qualified Domain Name). This has to be configured in the CLI and the FQDN must be an address object that is already...
View ArticleDynamic VIP according to DNS translation
Dynamic VIP according to DNS translation When a dynamic virtual IP is used in a policy, the dynamic DNS translation table is installed along with the dynamic NAT translation table into the kernel. All...
View ArticleVirtual IP groups
Virtual IP groups Just like other address, Virtual IP addresses can be organized into groups for ease of administration. If you have multiple virtual IPs that are likely to be associated to common...
View ArticleConfiguring IP pools
Configuring IP pools An IP pool is essentially one in which the IP address that is assigned to the sending computer is not known until the session is created, therefore at the very least it will have...
View ArticleServices
Services While there are a number of services already configured within FortiOS, the firmware allows for administrators to configure there own. The reasons for doing this usually fall into one or more...
View Article