Description

This FortiGate security and infrastructure training will provide you with all the knowledge related to Unified Threath Management (UTM) on the same platform. The “security” part will provide you with knowledge of practices related to general rules for management and protection against malware. The “infrastructure” part will allow mastery of the advanced architectural functions of FortiGate.

Who is this training for ?

For whom ?

Network engineers/administrators and technicians and anyone involved in the design of network and security architectures based on FortiGate hardware.

Prerequisites

Basic knowledge of IT security as well as good knowledge of TCP/IP.

Training objectives

Deploy the appropriate operating mode for your network (proxy, flow, NGFW, etc.)

Use the graphical and CLI interfaces jointly for administration

Control network access to networks configured using security policies fire

Apply port forwarding, source Network Address Translation (NAT), and destination NAT

Authenticate users using firewall policies

Understand encryption features and certificates

Decrypt SSL/secure traffic TLS in order to inspect it

Configure security profiles to neutralize threats and abuse

Apply network application control techniques

Use standard or non-standard protocols and ports

Fight against hacking and denial of service ( DoS)

Collect and interpret items collected in logs

Identify Fortinet Security Fabric characteristics

Analyze a FortiGate routing table

Route packets using static routes and rule-based routes

Deploy load-balanced multipath

Split FortiGate into two or more virtual devices

Configure virtual domains (VDOM)

Understand the fundamentals and benefits of using ZTNA

Offer SSL VPN for secure access to your private network

Establish an IPsec VPN tunnel between two FortiGate devices

Implement a mesh or partially redundant VPN

Diagnose failed IKE exchanges

Provide Single Sign-On (FSSO) access to network services by leveraging access to Microsoft Active Directory (AD)

Deploy FortiGate devices in high availability cluster

Improve fault tolerance and deliver high performance

Deploy SD-WAN virtual interface

Implement dynamic flow distribution based on measured performance on member interfaces

Diagnose and fix common problems

Training program

• Safety - Introduction and Initial Settings
  • High-level features.
  • Initial decisions.
  • Basic administration.
  • Basic maintenance.
• Security - Firewall Policy
  • Configuring policies.
  • Managing policies.
  • Best practices and troubleshooting.
• Security - Network Address Translation
  • Introduction.
  • Policy-backed NAT versus central NAT.
  • Best practices and troubleshooting.
• Security - Firewall authentication
  • Firewall authentication methods.
  • User groups.
  • Firewall rules with authentication.
• Security - Logging and monitoring
  • Log basics.
  • Local or remote logging.
  • Logging settings, searching logs.
  • Protecting logs logging data.
• Security - Certificate Operations
  • Authenticate and secure data using certificates.
  • Inspect encrypted data.
• Security - Web filtering
  • Inspection modes.
  • Web filtering basics.
  • Additional proxy-based web filtering features.
  • Video Filtering.
  • Best practices and troubleshooting.
• Security - Application Control
  • Application Control Basics.
  • Configuring Application Control.
  • Logging and Monitoring Application Control Events.
• Security - Antivirus
  • Fundamentals.
  • Scan modes.
  • Antivirus configuration.
• Security - Intrusion prevention
  • The intrusion prevention system.
  • Denial of service.
• Security - Security Fabric
  • Safety fabric concept.
  • Deployment.
  • Expand the safety fabric.
  • Safety fabric rating system and view of the topology.
• Infrastructure - Routing
  • Routing on FortiGate.
  • Routing Monitoring and Routing Attributes.
  • Equal Cost Load Sharing.
  • Test Reverse Path Forwarding (RPF), fight against address spoofing.
  • Link health probes and route toggle.
  • Diagnostics.
• Infrastructure - Virtual Domains
  • VDOM concepts.
  • VDOM administrators.
  • Configuring VDOMs.
  • Inter-VDOM links.
  • Best practices and troubleshooting.
• VDOM concepts. VDOM administrators. Configuring VDOMs. InterVDOM links. Best practices and troubleshooting.
  • Function and deployment.
  • FSSO with Active Directory.
  • Tuning and troubleshooting.
• Infrastructure - Zero Trust Network Access (ZTNA)
  • Introduction.
  • Comparing ZTNA to IPsec and SSL VPNs.
• Infrastructure - VPN SSL
  • Deployment modes.
  • Configuration.
  • Monitoring and troubleshooting.
• Infrastructure - IPsec VPN
  • Introduction.
  • Configuration.
  • Routing and firewall rules.
  • Redundant VPNs, mesh VPN.
  • Monitoring, logging.
• Infrastructure - High availability
  • Active/passive versus active/active operating modes.
  • HA cluster synchronization.
  • HA failover.
• Infrastructure - SD-WAN
  • Motivation, dynamic flow distribution.
  • Implementation.
  • Performance probes.
  • SD-WAN rules.
• Infrastructure - Diagnostics
  • General.
  • Stream debugging.
  • CPU and memory.
  • Firmware and hardware.