FortiGate - Troubleshooting Guide Quick Reference


Book Description

FortiGate - Troubleshooting Guide Quick Reference presents easy to understand techniques of troubleshooting on FortiGate platform. There are many debug command examples, which explain, how to read and understand the command output. The intention of the book is not to teach you how presented technologies work. I do not explain configuration examples. If you do not feel confident to perform troubleshooting effectively, the book is for you.




UTM Security with Fortinet


Book Description

Traditionally, network security (firewalls to block unauthorized users, Intrusion Prevention Systems (IPS) to keep attackers out, Web filters to avoid misuse of Internet browsing, and antivirus software to block malicious programs) required separate boxes with increased cost and complexity. Unified Threat Management (UTM) makes network security less complex, cheaper, and more effective by consolidating all these components. This book explains the advantages of using UTM and how it works, presents best practices on deployment, and is a hands-on, step-by-step guide to deploying Fortinet's FortiGate in the enterprise. - Provides tips, tricks, and proven suggestions and guidelines to set up FortiGate implementations - Presents topics that are not covered (or are not covered in detail) by Fortinet's documentation - Discusses hands-on troubleshooting techniques at both the project deployment level and technical implementation area




Getting Started with FortiGate


Book Description

This book is a step-by-step tutorial that will teach you everything you need to know about the deployment and management of FortiGate, including high availability, complex routing, various kinds of VPN working, user authentication, security rules and controls on applications, and mail and Internet access.This book is intended for network administrators, security managers, and IT pros. It is a great starting point if you have to administer or configure a FortiGate unit, especially if you have no previous experience. For people that have never managed a FortiGate unit, the book helpfully walks through the basic concepts and common mistakes. If your work requires assessing the security of a corporate network or you need to interact with people managing security on a Fortinet product, then this book will be of great benefit. No prior knowledge of Fortigate is assumed.




Fortigate Firewall Admin Pocket Guide


Book Description

If you are new to Fortigate firewall, or just moving from another firewall platform ( Check-Point, Palo alto ). then this book is for you. here you will learn how to: Configure your administrator account with MFABackup revisionsConfigure Interfaces and servicesUnderstand Your Firewall SessionsAnalyze LogsManage your memory resourcesDiagnose With CLI commandsFortigate Firewall Admin Pocket Guide is here for one purpose only. to give you the skills to administrate your Fortigate firewall Fast with a solid foundationThis Book is For Beginners and Intermediate User




Introduction to FortiGate Part-1 Infrastructure


Book Description

Looking to step into the Network Security field with the Fortigate firewall? Or are you required to manage a FortiGate NGFW for your organization? Then this is the right book for you! The FortiGate is an amazing device with many cybersecurity features to protect your network. If you are new to FortiGate's then this is the perfect book for you! This book will cover general overview of working with Fortinet. Also, you will gain a solid understanding on day to day administrative tasks. Next, you will learn how FortiGate interacts with various layer-2 protocol. Also you will get a chance how to filter network traffic and apply security policies which is very exciting. Lastly, you will learn about the session table and how Fortigate handles traffic. Below is a full list of what this book covers: Chapter One - Introduction to FortiGate-Identify platform features of FortiGate-Describe Security Processor Unit SPU-Identify factory defaults-Understand the different operational modes-Understand FortiGate and FortiGuard Relationship-Manage administrator profiles-Manage administrative profiles-Manage network interfaces-Manage basic services-backup and restore config file-upgrade and downgrade firmware-Understand CLI structure-Understand GUI navigation-Initial ConfigurationChapter - 2 - Layer two technologies-Configuration of layer-2 VLANs-Describe VLANs and VLAN tagging process-Describe FortiOS Transparent Mode-Configure FortiOS Transparent Mode settings-Describe Transparent Mode Bridge Table-Describe MAC forwarding-Describe how to find MAC address on FortiOS-Describe Forwarding Domains-Describe and configure Virtual Switches-Describe Spanning Tree Protocol-Describe and Configure various NAT Mode layer-2 protocols-Describe and configure Layer-3 VLAN interface-Describe Virtual Wire Pairing-Describe and Configure VXLANChapter-3 Layer Three Technologies: -Configuration of Static Routes-implementation of Policy-Based Routes-Control traffic for well-known Internet Services-Interpret the FortiOS Routing Table-Understand FortiOS anti-spoofing mechanism-Implement route failover and floating route-Understand ECMP-Recognize active route vs standby route vs inactive routes-Use built in sniffer and diagnose flow debug tools, -Understand Session Table Entry.Chapter 4 - Firewall Policy and NAT-Identify components in Firewall Policy-Describe how traffic matches Firewall Policy Entries-Configure Firewall Policy Logging-Describe Policy GUI list views-Describe Policy ID's vs Policy Sequence numbers-Described where objects are referenced-Explain Name restrictions on Firewall Policies-Perform Firewall Policy re-ordering-Describe NAT and PAT-Explain different configuration modes for NAT-Configure and Describe SNAT and DNAT VIPs-Troubleshoot NAT issues




Fortigate Firewall Diagnostics Pocket Guide


Book Description

Knowing how to diagnose your FortiGate is probably one of the most important tools that you can acquire as a FortiGate professional. It will make you aware of what is happening on your network, on your FortiGate kernel, services, and much more. this skill set is unique and the mindset that you will acquire will serve you not only on your firewall We will start with a low-level view of our FortiGate traffic, moving on to General network issues, system performance, and from there to sessions and packet flow view




Introduction to FortiGate Part-II Infrastructure


Book Description

Network Security Expert 4 Study Guide | Part-II Fortinet Network Security Introduction Introduction to FortiGate Part-II Infrastructure picks up where Part-I left off. The book begins by going on FortiOS VDOM technology and Session Helpers. You will gain a solid understanding on how VDOM's work and why they are needed. You will also learn why Session Helpers exist. Also, you will have an opportunity to gain insight into how FortiGate High Availability technology works as well. You will feel confident in your HA deployment after reading this book I promise you! Next, we dig into FortiOS logging technology which is essential for any SOC. Next, we review some popular VPN technologies like IPsec and SSL. This book shows you how to configure and use both technologies on FortiGate. After VPNs, we step into FortiOS SDWAN technology which is hot right now! you will learn what SDWAN is and how to deploy it! lastly we finish up Part-II Infrastructure with a full chapter on troubleshooting all the technology covered in Part-I and Part-II. VDOMs and Session Helpers | Chapter 5 - Configure, Define and Describe Session Helpers - Understand and Configure ALG - Define and describe VDOMs - Understand Management VDOM - Understand VDOM Administrators - Configure multiple VDOMs - understand and configure Inter-vdom link - limit resource allocated to VDOMs - Inter-VDOM Link Hardware Acceleration - VDOM Diagnostics High Availability | Chapter 6 - Identify Different Operation HA Modes - Config HA - Understand HA Election Process - Identify primary secondary units - Debug HA sync - Configure Session sync - HA failover types - Identify how HA modes pass traffic - Configure and understand Virtual Clustering - Verify HA operations - Upgrade HA firmware - FortiGate Clustering Protocol - HA Clustering Requirements - HA Diagnostics Logging and Monitoring | Chapter 7 - Log basics - Describe performance and logging - Identify local log storage - configure logging - Understand disk allocation - Identify External log storage - Configure log backups - configure alert email and threat weight - configure remote logging - understand log transmission - configure reliable logging and OFTPS - understand miglogd - Understand FortiView IPsec VPN | Chapter 8 - Understand IPsec and IKE fundamentals - Understand VPN topology - Understand route-based VPN - Configure Site-to-site VPN - Understand ASIC offload with VPN - Configure redundant VPNs - VPN best practices - Verify IPsec VPN - Understand Dial-up VPN SSL VPN | Chapter 9 - Understand SSL VPN concepts - Describe the differences between SSL an IPsec - Configure SSL VPN Modes - Configure SSL Realms - Configure SSL Authentcation - Monitor SSL VPN users and logs - Troubleshoot SSLVPN SDWAN | Chapter 10 - Understand SDWAN concepts - Understand SDWAN design - Understand SDWAN requirements - Configure SDWAN virtual link and load balance - Configure SDWAN routing and policies - Configure SDWAN health check - understand SLA link quality measurements - Understand SDWAN rules - configure dynamic link selection - Monitor SDWAN - Verify SDWAN traffic Diagnostics and Troubleshooting | Chapter 11 - Troubleshoot Layer-2 - Troubleshoot Routing - Troubleshoot Firewall Policy - Troubleshoot High Availability - Troubleshoot Logging - Troubleshoot IPsec - Troubleshoot SSL VPN - Troubleshoot SDWAN




NSE4 Study Guide Part-II Infrastructure


Book Description

Network Security Expert 4 Study Guide | Part-II Fortinet Network Security Introduction Introduction to FortiGate Part-II Infrastructure picks up where Part-I left off. The book begins by going on FortiOS VDOM technology and Session Helpers. You will gain a solid understanding on how VDOM's work and why they are needed. You will also learn why Session Helpers exist. Also, you will have an opportunity to gain insight into how FortiGate High Availability technology works as well. You will feel confident in your HA deployment after reading this book I promise you! Next, we dig into FortiOS logging technology which is essential for any SOC. Next, we review some popular VPN technologies like IPsec and SSL. This book shows you how to configure and use both technologies on FortiGate. After VPNs, we step into FortiOS SDWAN technology which is hot right now! you will learn what SDWAN is and how to deploy it! lastly we finish up Part-II Infrastructure with a full chapter on troubleshooting all the technology covered in Part-I and Part-II. VDOMs and Session Helpers | Chapter 5 - Configure, Define and Describe Session Helpers - Understand and Configure ALG - Define and describe VDOMs - Understand Management VDOM - Understand VDOM Administrators - Configure multiple VDOMs - understand and configure Inter-vdom link - limit resource allocated to VDOMs - Inter-VDOM Link Hardware Acceleration - VDOM Diagnostics High Availability | Chapter 6 - Identify Different Operation HA Modes - Config HA - Understand HA Election Process - Identify primary secondary units - Debug HA sync - Configure Session sync - HA failover types - Identify how HA modes pass traffic - Configure and understand Virtual Clustering - Verify HA operations - Upgrade HA firmware - FortiGate Clustering Protocol - HA Clustering Requirements - HA Diagnostics Logging and Monitoring | Chapter 7 - Log basics - Describe performance and logging - Identify local log storage - configure logging - Understand disk allocation - Identify External log storage - Configure log backups - configure alert email and threat weight - configure remote logging - understand log transmission - configure reliable logging and OFTPS - understand miglogd - Understand FortiView IPsec VPN | Chapter 8 - Understand IPsec and IKE fundamentals - Understand VPN topology - Understand route-based VPN - Configure Site-to-site VPN - Understand ASIC offload with VPN - Configure redundant VPNs - VPN best practices - Verify IPsec VPN - Understand Dial-up VPN SSL VPN | Chapter 9 - Understand SSL VPN concepts - Describe the differences between SSL an IPsec - Configure SSL VPN Modes - Configure SSL Realms - Configure SSL Authentcation - Monitor SSL VPN users and logs - Troubleshoot SSLVPN SDWAN | Chapter 10 - Understand SDWAN concepts - Understand SDWAN design - Understand SDWAN requirements - Configure SDWAN virtual link and load balance - Configure SDWAN routing and policies - Configure SDWAN health check - understand SLA link quality measurements - Understand SDWAN rules - configure dynamic link selection - Monitor SDWAN - Verify SDWAN traffic Diagnostics and Troubleshooting | Chapter 11 - Troubleshoot Layer-2 - Troubleshoot Routing - Troubleshoot Firewall Policy - Troubleshoot High Availability - Troubleshoot Logging - Troubleshoot IPsec - Troubleshoot SSL VPN - Troubleshoot SDWAN




A Practical Approach to Cloud IaaS with IBM SoftLayer: Presentations Guide


Book Description

This IBM® Redbooks® publication is based on the Presentations Guide of the course A Practical Approach to Cloud IaaS with IBM SoftLayer, which was developed by the IBM Redbooks team in partnership with IBM Middle East and Africa University Program. This course is designed to teach university students how to build a simple infrastructure as a service (IaaS) cloud environment based on IBM SoftLayer®. It provides students with the fundamental skills to design, implement, and manage an IaaS cloud environment using the IBM SoftLayer platform as an example. The primary target audience for this course is university students in undergraduate computer science and computer engineer programs with no previous experience working in cloud environments. However, anyone new to cloud computing can benefit from this course. The workshop materials were created in July 2015. Thus, all IBM SoftLayer features discussed in this Presentations Guide are current as of July 2015.




Deploying ACI


Book Description

Use ACI fabrics to drive unprecedented value from your data center environment With the Cisco Application Centric Infrastructure (ACI) software-defined networking platform, you can achieve dramatic improvements in data center performance, redundancy, security, visibility, efficiency, and agility. In Deploying ACI, three leading Cisco experts introduce this breakthrough platform, and walk network professionals through all facets of design, deployment, and operation. The authors demonstrate how ACI changes data center networking, security, and management; and offer multiple field-proven configurations. Deploying ACI is organized to follow the key decision points associated with implementing data center network fabrics. After a practical introduction to ACI concepts and design, the authors show how to bring your fabric online, integrate virtualization and external connections, and efficiently manage your ACI network. You’ll master new techniques for improving visibility, control, and availability; managing multitenancy; and seamlessly inserting service devices into application data flows. The authors conclude with expert advice for troubleshooting and automation, helping you deliver data center services with unprecedented efficiency. Understand the problems ACI solves,and how it solves them Design your ACI fabric, build it, and interface with devices to bring it to life Integrate virtualization technologieswith your ACI fabric Perform networking within an ACI fabric (and understand how ACI changes data center networking) Connect external networks and devices at Layer 2/Layer 3 levels Coherently manage unified ACI networks with tenants and application policies Migrate to granular policies based on applications and their functions Establish multitenancy, and evolve networking, security, and services to support it Integrate L4–7 services: device types, design scenarios, and implementation Use multisite designs to meet rigorous requirements for redundancy and business continuity Troubleshoot and monitor ACI fabrics Improve operational efficiency through automation and programmability




Recent Books