Fortigate NSE4
Course Content
NSE4/5 - FORTIGATE FIREWALL
- In this 3-weeks class, you will learn how to use basic FortiGate UTM.
- In interactive labs, you will explore firewall policies, basic VPNs, virus detection, web filtering, application control, user authentication, and more.
- These administrative fundamentals will provide you with a solid understanding of how to integrate basic network security.
Prerequisites:
- Strong Knowledge of TCP/IP Protocols
- Basic Knowledge of Firewalls
Course Outline:
- Introduction to firewalls 1 Generation and 2nd Gne firewalls
- Understanding 1 Generation firewalls
- Understanding 2 Generation firewalls
- Understanding 2nd Gne Firewalls and futures
- Understanding UTM firewalls futures
Module-1: Introduction to fortigate
- Understanding Features of Fortigate
- Understanding Fortigaurd Queries & Packages
- Initial Configuration
- Upgrading Firmware
- Backup & Restore
- Configuring DHCP
Module-2: Introduction to Routing
- configure static and dynamic routing
- Configure ospf and redistribution
- configure rip and redistribution
- configrue routing between cisco to fortigtate
- configure routing between fortigate to fortigate
- BGP Configuration
Module-3: Firewall Policies
- Basic Firewall Policies
- configure policies for internet
- configure polieces polices based network
- configure Polices based devices
- Understanding NAT
- Configuring Static NAT
- Configuring Static nat (port forwarding) using Virtual Server
Module-4: Authentication
- Create Authentication Policies
- Creating User and policies
- Create Admin privilege accounts
- Monitor firewall Users
- Configure Ldap server for authenticastion
Module-5: Logging & Monitoring
- Understanding Log severity levels
- Understanding Logs &Sub log types
- Understanding Log structures
- Configuring log settings
- Redirect logs to Syslog & SNMP
Module-6: Antivirus
- Types of Virus & Malware
- Configure Antivirus scanning
- Test Antivirus scanning
- Monitor antivirus logs
Module-7: Webfilter
- Understanding FortigateWebfiltering Mechanism
- Configuring Content Filtering
- Configuring URL Filtering
- Monitor Webfilter logs
Module-8: Application Control
- Updating Application Control Database
- Configuring Application control profile
- Traffic Shaping
- Logging Application control event
Module-9: Intrusion Prevention system
- Choose IPS Signatures
- Configure Anomaly based Detection
- Configure signature based detection
- Configure DOS Sensor
- Monitor & Recognize Attacks using IPS
Module-10: Certificate Operations
- Generating a CSR
- Configuring SSL/SSH inspection
- Generating Self signed Certificate
- Enable SSL Inspection in fortigate
Module-11: Data Leakage Prevention
- Understanding Function of DLP
- Filter files & Messages
Module-13: Basic IPSEC VPN
- Understanding Architecture of IPSEC
- Understanding IKE Phase 1 & 2
- Configure IPSEC between two networks
- Configure IPSEC between fortigate to fortigate
- Configure IPSEC between fortigate to cisco
- configure IPSEC overlapping vpn
- Configure IPSEC VPN fortigate to paloalto
- configure forticlient vpn configurastion
Module-14: SSL VPN
- Understanding SSL Architecture
- Operation Modes of SSL
- Configuring SSL VPN WebMode
- Configuring Bookmark
- Configure firewall policies for SSL VPN
- Monitor SSL Users
Module-15
- SD-WAN CONFIGURSTION
- High availability
Module-16
- Configure web-application firewall
- Configure mitigate web application based attacks
- Configure security fabric
NSE – 5 FORTIMANAGER AND FORTI ANA fortianalyzer Module-17
- Configure fortianalyzer
- Configure FortiManager
- Configure Fortigate firewall
- Add Fortigate and Fortianalyzer in to Manager
- Configure Devices Configuration in fortimanager
- Import policy package from fortigate firewall
- Configure polices push to fortigate firewall
- Configure security profiles
- Configure security fabric