FortiGate: Security - course from Specialist, RUB 105,990, 24 ac. hours of training, date: May 15, 2023.
December 05, 2023
This 3-day course provides the theoretical knowledge and practical skills necessary to configure a FortiGate UTM device.
During the training, students will learn to set up a security policy, build a secure data transmission channel over the Internet, configure antivirus, filter web traffic, identify applications, set up DLP, and work with user accounts.
The course is recommended and will be useful to those who support, install or administer FortiGate-based security systems.
Module 1. Introduction to Fortinet UTM (2 ac. h.)
Overview of the main features of FortiGate
Operating modes
Administrator account, differentiation of rights and access
Recovering the administrator password
Backup and Restore
Software update
Configuring built-in DNS and DHCP servers
Lab: Installation and initial system configuration
Module 2. Security Fabric (1 ac. h.)
The concept behind the Fortinet Security Fabric
Deploying Fortinet Security Fabric
Extending Security Fabric with additional components and functions
Ratings and topology
Lab: Deploying Security Fabric
Module 3. Security policies (2 ac. h.)
Mapping traffic to rules by address, port, user, interface, and zone
Setting up firewall policies
Using Rule Numbers and Rule IDs
Identification of used objects
Changing the order of rules for correct operation
Use Policy Search to Find an Appropriate Rule
Labs: Creating a Security Policy
Module 4. Address and port translation (NAT and PAT) (2 ac. h.)
The concept of address and port translation
Operating modes of address translation
Configuring a firewall policy for source and destination address translation (VIP)
Setting up centralized address translation (central NAT)
Layer 7 session support (session helpers), using the SIP session helper for VoIP
Interpreting entries in the session table
Analysis of the output of the session diagnostic command, the state of TCP, UDP and ICMP sessions
Using logs to solve common NAT problems, monitoring NAT sessions
Recommendations for configuring NAT
Lab: Address Translation
Module 5. User authentication (2 ac. h.)
Authentication Basics, Authentication Methods, Protocols
Using external authentication servers
Description of active and passive authentication methods
Setting up local, remote and two-factor authentication
Setting up external authentication servers
Setting up a portal (Captive Portal), policies and disclaimers for authentication
Monitoring users on a firewall
Using debugging techniques and recommendations
Lab: User Authentication
Module 6. Logging and monitoring (2 ac. h.)
Basics of logging, types and subtypes of log records, their structure and levels
Impact of logging on performance
Local logging options, configuration
Allocating disk space, monitoring disk usage, actions when full
Possibility of logging to external devices, configuration
Setting up log transfer, ensuring reliability and using encryption
Setting up logging, running the miglogd daemon
Search and view logs from the command line and GUI
Using FortiView
Configuring email alerts and threat weights
Configuring log backups, uploading and downloading
Lab: Setting Up Logging
Module 7. Working with certificates (2 ac. h.)
Understanding trusted and untrusted certificates
Establishing an SSL connection between FortiGate and the SSL server
Configuring SSL traffic inspection, two configuration options
Using full inspection, obstacles to it and ways to overcome them
Certificate request, CRL import, certificate backup and restoration
Lab: Using Certificates
Module 8. Filtering Web traffic (1 ac. h.)
Description of traffic scanning modes in FortiOS
Using Full SSL Inspection
Web traffic filtering profiles
Working with categories
Overriding categories, setting up custom categories
Requesting a rating in FortiGuard, setting quotas
Overriding web profiles, setting up search query filtering
Web content filtering
DNS filtering
Configuring SSL/SSH traffic inspection profiles, setting exceptions
Attaching profiles to policies, analyzing logs
Lab: Filtering Web Traffic
Module 9. Application management (2 ac. h.)
Application Management Basics, Defining Application Types
Application management services in FortiGuard
Application signatures
Setting up application management in profile mode
Configuring application management in policy mode
Using Application Control for Traffic Shaping
Enabling logging and monitoring of application management events
Using FortiView to view detailed logs
Best practices for setting up application management
Debugging the application management mechanism
Lab: Application Management
Module 10. Setting up an antivirus (2 ac. h.)
Using antivirus signatures
Antivirus operating modes
Using FortiSandbox
Various FortiGuard signature sets
Comparison of scanning modes, application of profiles in proxy and flow modes
Setting up profiles and protocol features
Logging and monitoring events related to the operation of the antivirus, viewing statistics
Recommendations for setting up an antivirus
Using hardware accelerators for antivirus scanning
Debugging the operation of anti-virus scanning mechanisms
Lab: Configuring Antivirus
Module 11. IPS (3 ac. h.)
Manage IPS updates via FortiGuard
Setting up IPS sensors
Applying IPS to traffic through a firewall
Detecting DoS attacks, setting DoS policy
Detecting attacks on Web traffic, setting up WAF profiles
Choosing an IPS Application Methodology
Debugging the IPS system
Lab: Configuring IPS
Module 12. SSL VPN (2 ac. h.)
The concept of VPN, the difference between SSL and IPSec VPN
SSL VPN operating modes
User Authentication in SSL VPN
Setting up SSL VPN, portals, required policies, realms, personal bookmarks
Checking the settings of the client machine when connecting
Using two-factor authentication, restricting access by IP and MAC address
Logging and monitoring SSL VPN connections, setting timers
Debugging SSL VPN operation
Lab: SSL VPN
Module 13. IPsec VPN topology DialUp (1 ac. h.)
Architecture and advantages of IPsec VPN, protocols used
Key exchange phases (IKEv1)
Using DialUp Topology
Building a DialUp tunnel between two FortiGate devices
Building a DialUp tunnel between FortiGate and FortiClient
Recommendations for building and using DialUp tunnels
Logging and monitoring of tunnels
Lab: IPsec VPN