FortiGate is a next-generation firewall (NGFW) that delivers industry-leading enterprise security with full visibility and threat protection.
Using FortiGate, organizations can achieve:
- Ultra-fast security throughout their network
- A consistent real-time defense
- An excellent user experience
- Operational efficiency and automated workflows
Note: training course -Â https://training.fortinet.com/course/view.php?id=39326
1. FortiGate Overview
FortiGate Overview
FortiGate Platform Structure
Models
Setting the administrator password retries and lockout time
By default, the number password retry attempts is set to three, allowing the administrator a maximum of three attempts at logging in to their account before they are locked out for a set amount of time (by default, 60 seconds).
The number of attempts and the default wait time before the administrator can try to enter a password again can be configured using the CLI.
A maximum of ten retry attempts can be configured, and the lockout period can be 1 to 2147483647 seconds (over 68 years). The higher the retry attempts, the higher the risk that someone might be able to guess the password.
To configure the lockout options:
config system global set admin-lockout-threshold <failed_attempts> set admin-lockout-duration <seconds> end
For example, to set the number of retry attempts to 1, and the lockout time to 5 minutes:
config system global set admin-lockout-threshold 1 set admin-lockout-duration 300 end
Configuring Interfaces and Routing
Default Route, static route
- Destination
- Gateway address
- Interface
Policies
Show Matching logs
- Create a user account
- Configure Remote auth
- Create a user group
- add authenication to a firewall policy
- verify and monitor firewall authentication
Inspect SSL Traffic
Blocking Malware
- Allow
- Block
- Monitor
- Warning
- Authenticate
Configuring IPS (Intrusion Prevention System)
Controlling Applications Access
References
- Fortinet Training -Â https://training.fortinet.com/my/
No comments:
Post a Comment