Clik here to view.
FortiOS 6.2 Authentication Best Practices
Authentication You must add a valid user group to activate the Authentication check box on the firewall policy configuration page. Users can authenticate with the firewall using HTTP or FTP. For users...
View ArticleFortiOS 6.2 Antivirus Best Practices
Antivirus Enable antivirus scanning at the network edge for all services. l Use FortiClient endpoint antivirus scanning for protection against threats that get into your network. Subscribe to...
View ArticleFortiOS 6.2 Intrusion Prevention System Best Practices
Intrusion Prevention System (IPS) Your FortiGate’s IPS system can detect traffic attempting to exploit this vulnerability. IPS may also detect when infected systems communicate with servers to receive...
View ArticleFortiOS 6.2 Email Filter Best Practices
Email filter Spam is a common means by which attacks are delivered. Users often open email attachments they should not, and infect their own machine. l Enable email filtering at the network edge for...
View ArticleFortiOS 6.2 Web Filtering Best Practices
Web filtering FortiGuard Web Filtering can help stop infections from malware sites and help prevent communication if an infection occurs. Enable FortiGuard Web Filtering at the network edge. l Install...
View ArticleFortiOS 6.2 Patch management Best Practices
Patch management When vulnerabilities are discovered in software, the software vendors release updates that fix these problems. Keeping your software and operating system up-to-date is a vital step to...
View ArticleFortiOS 6.2 Policy configuration Best Practices
Policy configuration Configuring the FortiGate unit with an ‘allow all’ traffic policy is very undesirable. While this does greatly simplify the configuration, it is less secure. As a security measure,...
View ArticleBuy Hardware Reminder
Hey Guys! Just a reminder that we do have an official Fortinet GURU store now so you can buy Fortinet hardware and services / support. It is located at the Buy Fortinet Hardware link that is at the top...
View ArticleFortiOS 6.2 Networking Best Practices
Networking When configuring your network, ensure that there is no ‘back door’ access to the protected network. For example, if there is a wireless access point, it must be appropriately protected with...
View ArticleFortiOS 6.2 FGCP high availability Best Practices
FGCP high availability Fortinet suggests the following practices related to high availability: Use Active-Active HA to distribute TCP and UTM sessions among multiple cluster units. An active-active...
View ArticleFortiOS 6.2 WAN Optimization Best Practices
WAN Optimization WAN Optimization features require significant memory resources and generate a high amount of I/O on disk. Before enabling WAN Optimization, ensure that the memory usage is not too...
View ArticleFortiOS 6.2 Virtual Domains (VDOMs) Best Practices
Virtual Domains (VDOMs) VDOMs can provide separate firewall policies and, in NAT mode, completely separate configurations for routing and VPN services for each connected network or organization. This...
View ArticleFortiOS 6.2 Explicit proxy Best Practices
Explicit proxy For explicit proxies, when configuring limits on the number of concurrent users, you need to allow for the number of users based on their authentication method. Otherwise you may run out...
View ArticleFortiOS 6.2 Wireless Best Practices
Wireless The following section contains a list of best practices for wireless network configurations with regard to encryption and authentication, geographic location, network planning, power usage,...
View ArticleFortiOS 6.2 Logging and Reporting Best Practices
Logging and reporting The default log device settings must be modified so that system performance is not compromised. The FortiGate unit, by default, has all logging of FortiGate features enabled,...
View ArticleWhat is Sandbox Inspection?
What is Sandbox Inspection? Sandbox inspection is a network process that allows files to be sent to a separate device, such as FortiSandbox, to be inspected without risking network security. This...
View ArticleFortiSandbox Appliance vs FortiSandbox Cloud
FortiSandbox Appliance vs FortiSandbox Cloud FortiSandbox is available as a physical or virtual appliance (FortiSandbox Appliance), or as a cloud advanced threat protection service integrated with...
View ArticleSending Files for Sandbox Inspection
Sending Files for Sandbox Inspection Sending files to the FortiSandbox appliance or to FortiSandbox Cloud does not block files immediately. Instead, the files assist in the discovery of new threats and...
View ArticleUsing FortiSandbox with a FortiGate
Using FortiSandbox with a FortiGate Connecting a FortiGate to FortiSandbox The procedures for connecting a FortiGate to FortiSandbox differ depending whether you are using FortiSandbox Appliance or...
View Article