All Discussions

Featured Discussions

  • Posted in: IPsec/SSL VPN

Latest Discussions

  • Profile Picture

    RE: FortiGate Essentials 6.2 Training

    Posted in: NSE Training

    Thanks

  • Profile Picture

    Problemas con servicio SIEM

    Posted in: SIEM

    Buen día, Quisiera saber si a alguno le ha pasado el siguiente problema: - tratando de descubrir un dispositivo con Windows, el descubrimiento nunca termina, y me di cuenta que el servicio phperfMonitor se encuentra abajo, reinicie todos los servicios ...

  • Posted in: NSE Training

    A mi me pasa lo mismo. desde ayer terminé todo y no me aparece el certificado. Esperemos que salga hoy.

  • Profile Picture

    Windows Defenter ATP - Cloud - BugFix

    Posted in: SIEM

    Hi, We have found that the native parser for ATP is not collecting every fields, so we share with you guys our version1. We are trying to get the IP address for correlation, the ATP gives the IP in the field: InternalIPv4List. "InternalIPv4List": ...

  • Profile Picture

    FAZ concurrent SSL VPN connections

    Posted in: IPsec/SSL VPN

    I've been search high and low for answers related to making a chart that shows the number of concurrent SSL VPN connections. I have been trying to use the following and manipulate it somehow to give me the total number at a given time. select $flex_timescale(timestamp) ...

  • Profile Picture

    thank yyou

    Posted in: NSE Training

    thanks for this material , very helpful

  • Profile Picture

    RE: FortiSIEM - Windows Defender Logs

    Posted in: SIEM

    Hi Isuru, Just for Windows Defender ATP. Cheers

  • Profile Picture

    RE: FortiSIEM - Windows Powershell

    Posted in: SIEM

    Hi Dan, Please find the Sample Logs herewith. Cheers, Isuru

  • Posted in: NSE Training

    Hi there, No worries, the course will be available going forward, this is not restricted to next week at all. This course is a self-paced course, you can complete the lessons whenever you want. We will open demo labs every week. Please let me know fi ...

  • Profile Picture

    RE: Fortigate as a bandwidth controller

    That is correct.

  • Hi Patrick, this is currently being worked on. It has taking longer than we would have liked but rest assured it's coming.

  • The best way to illustrate real world performance is constantly being evaluated. There is unfortunately not a "one size fits all" for firewall performance so the testing with what is seen as a majority of customer use cases is what is published. C ...

  • Posted in: IPsec/SSL VPN

    The doc team updated the technical docs with the "Tele-Working" as a category. The following link provides the technical assets, https://docs.fortinet.com/teleworking .

  • Posted in: IPsec/SSL VPN

    For those looking into supporting remote working at scale, here is the Teleworker Solution page that provides an overview of the Fortinet solution. https://www.fortinet.com/solutions/enterprise-midsize-business/network-access/teleworker-work-remote.html ...

  • Posted in: Secure SD-WAN

    Dear Fortinet Community I am looking for more support of my New Feature Request within the FortiOS 6.4 Beta - NFR: Multiple SD-Interface in one VDOM instead one SD-WAN. It would be good to have the possibility to have multiple SD-WAN Interfaces ...

    1 person recommends this.
  • Posted in: SIEM

    I made a quick change to the parser, it should at least recognize the events. You'll need to disable the existing Apache parser and the InfoBloxAuditParser. Clone the Apache parser and use the one I have attached here. Then do a validate, test (use ...

  • Posted in: SIEM

    There are a couple of approaches: 1) Suprema sends syslog to FortiSIEM - then create a custom parser. 2) Write a script to connect to Superma API, pull back the events and then syslog them into FortiSIEM. There is an HTTPS upload into FortiSIEM available ...

  • Posted in: SIEM

    Hello again Dan, I have been monitoring some system services like rsyslog and sshd. But the are constantly with the process down due to the threads they create. How do you handle this? Because the incident creation will go nuts.. Tanks in advance, ...

  • Profile Picture

    Sophos XG - Parsing

    Posted in: SIEM

    Hi, We have developed a new parser for Sophos XG, with the blades bellow: Firewall Log SSL VPN GUI IPSec WebProxy Anti-Spam Anti-Virus DHCP You have to add the events (admin -> device support -> Event), to do this, run analytics and ...

    1 person recommends this.
  • Profile Picture

    Fortimanager-VM

    Hello, This is my first post here, so it could be the wrong place to post I have to manage a Fortimanager-VM but I have a lot of warning about space disk. some folder like this one "/dev/mdvg/mdlv" seem to be full extract from: /dev/mdvg/mdlv 82434456 ...

  • Profile Picture

    RE: FortiNAC DHCP Profile

    Posted in: NAC & IoT Security

    I believe profiling and dhcp server will be 2 different things. You have to enable the dhcp server in the FortiNAC if supported because the DHCP Server normally it'd be a Windows/linux DHCP Server, a router or a Fortigate par example.

  • Profile Picture

    Telecommuter VPN on Firewalls

    Posted in: IPsec/SSL VPN

    I'm exploring using our Fortigate firewalls to terminate a Telecommuter (aka 'Dialup') remote access service Right now, I'm trying to develop an L2TP service which would simultaneously support Windows, OS X, and Linux clients. I am running into bumps ...

  • Posted in: NSE Training

    Hi, Please take into account this important information. They are concerning ONLY Fortinet training classes . Coronavirus Outbreak - Global policy Important: All Onsite Fortinet Training engagement will be converted to Virtual Instructor-led ...

  • Posted in: IPsec/SSL VPN

    I agree with Philip. I think in this scenario your cost will come out far lower with hardware as well once you consider server resources, VMware licensing and setup. Even if you are on a shared infrastructure those are real costs. Also, it is much ...

  • To minimize downtime, ideally, you would convert the 100D configuration to the new 200E devices, verify failover, verify policy and routing BEFORE you schedule a cutover. Best way to do this is to use the same OS version. Minimize the number of changes ...

  • Posted in: Wireless

    Hi Alan, Indeed after putting this CLI command to all AP resolve the issue. Thank you so much to everyone who helped me in this issue. I wish you all Good day Best, Deepak

  • Posted in: Wireless

    Do you have an image for the 1550? Our controllers crashes everytime we try to upgrade. Thank you.

  • Profile Picture

    RE: Accelerate 2020 - New York

    Posted in: Fortinet Accelerate

    Hello Muhammad, welcome to Fuse. With regards to Accelerate 2020, we do not provide any free passes or tickets at this time. Please avail the early bird pricing for the New York event which ends on March 18, 2020. Thank you! ------------------------------ ...

  • Profile Picture

    RE: Join the Accelerate Discussions

    Posted in: Fortinet Accelerate

    Robert, we'd be missing you all in Barcelona as well. It is unfortunate that the event got cancelled in the last minute, and there is always a next time. Accelerate New York which is coming in May, could be an option for you. If not, we'll see you next ...

  • Profile Picture

    RE: Let's start the conversation

    Posted in: Fortinet Accelerate

    Swathi, thank you!

  • Profile Picture

    RE: "VPN Tunnel" list empty?

    Posted in: IPsec/SSL VPN

    Thx Mohammad

  • Profile Picture

    RE: Download fortios 6.0.8

    Posted in: Security Fabric

    it was already none

  • Profile Picture

    TLS 1.3 and Kerberos vs. TS-Agent

    Hi everyone, currently i have to figure out 2 things for a customer. 1. Is it possible to inspect TLS 1.3 traffic for anti-virus and url-filter with the fortigate? Flow-based, proxy-based or only explicit-proxy? 2. I read that fortigate can do kerberos ...

  • Posted in: Endpoint Protection

    FortiClient 6.0.9.0277 Does not have this feature available: to Enable/Disable "Restrict Youtube Access"

  • Profile Picture

    NAT64

    Hello, I'm new to the community. I am currently doing a lab with IPv6, seeing that fortigate has the characteristic of doing NAT64, I have version 6.2.0 I have followed the guide of this link: https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/443324/nat64-policy-and-dns64-dns-proxy ...

  • Profile Picture

    RE: unblock FortiClient on Mac

    Posted in: Endpoint Protection

    https://lmgtfy.com/?q=forticlient+mac+error+104

  • Profile Picture

    RE: SDWAN and internet breakout

    That's where I'm heading. Thanks, I'll keep you posted. Chris Sieber | NFV Services NTT Global Networks m: +1.303.828.7549 o: +1.720.475.4107 csieber@nttglobal.net ------Original Message------ ...

  • Profile Picture

    775 Zero Days

    Posted in: Threat Intelligence

    It is always best when the good guys find zero-day vulnerabilities before the bad guys. That way we have time to fix the flaw before bad actors discover it and start exploitation. FortiGuard Labs has a dedicated team of expert researchers and analysts ...

  • Profile Picture

    RE: Can You Guess How Many...

    Posted in: Threat Intelligence

    Option C is correct. FortiGuard Labs blocks 14 million malicious websites per minute. Our web filtering team leverages a seasoned machine learning program to continually scour the internet and categorize web pages. It is a highly effective solution. Fortinet ...

  • Posted in: Sandboxing

    Hi, When configuring a regular slave one has to specify the cluster interface. For larger deployments can some regular slaves be in a different L3 subnet than the master and primary slave? I read somewhere also something about inter-cluster between ...

  • Profile Picture

    RE: FortiNAC HA

    Posted in: NAC & IoT Security

    Hello Sekou, You can point your dhcp relay relay to the FORTINAC1 and FORTINAC2, with this situation the FORTINAC2 will receive also the information but you will only use him when he will takeover the master role. Let's hope it's Ok for you as a 'trick' ...

  • Profile Picture

    RE: ADC 5.3 - FDS Communication

    Dear Ferry, Many thanks. you mention port 8890, this is only for Fortiguard Queries, i.e. for ADC only for WebFilter Queries? But not for IPS, AV engine updates, or IPS, AV, Geo IP, IP Reputation DBs as well as not for firmware updates etc. I'm trying ...

  • Profile Picture

    RE: Requirement For deploy FortiNAC

    Posted in: NAC & IoT Security

    Thank you!

  • Hello Patrick, Communication (HTTPS) is initiated from ADC to ADC-mgr upon registration. Management/Configuration connections are initiated from ADC-mgr to ADC (HTTPS). In case you enable central logging then expect syslog (UDP/514) from ADC to ADC-mgr. ...

  • Profile Picture

    RE: Event Attributes

    Posted in: SIEM

    Hi Justin, Can you provide a copy of the event? Obfuscate fields as needed. What device is the event from? Thanks

  • Profile Picture

    Windows 7 Support Ends January 2020

    Posted in: Threat Intelligence

    After January 14, 2020, Microsoft will no longer provide security updates or support for PCs with Windows 7. If you are still running Windows 7, you should upgrade to Windows 10 before January 14th. Microsoft Information ------------------------------ ...

  • Hi, we need to have many LUA examples for FortiADC, the examples in Admin Guide are not enough. fqdn disections string manipulations ------------------------------ Thx ------------------------------

  • Profile Picture

    Stay Safe While Holiday Shopping

    Posted in: Threat Intelligence

    Black Friday, Cyber Monday, and online shopping any day are targets for cybercriminals. Read the Fortinet blog on how to stay safe while holiday shopping: Your Holiday Guide To Safe Cybershopping ------------------------------ Jeannette ------ ...

  • Posted in: IPsec/SSL VPN

    Jim, thank you for spotting the typo. I just fixed it. BTW, hope you found this post helpful. If so, please click on the ' Recommend ' button on the top right.

  • Profile Picture

    RE: Anticipated TCP 3 handshake

    Hello, Thanks Vinay

  • Posted in: Endpoint Protection

    By Manny Fernandez Recently I did the Catalina Upgrade to both of my MacBook Pros. FortiClient was working on both. Then on ONE of them, I did the supplemental patch. That patch killed my FortiClient. Man was I on fire. Fortinet ...

  • Profile Picture

    IPv6 VPNs in Fortigate Firewalls

    Posted in: IPsec/SSL VPN

    By Manny Fernandez I have two Fortigate 140Es in my environment. SecPrimate-01 and SecPrimate-02. The SecPrimate-01 is using the Mariner color while the SecPrimate-02 is using Red. Both firewalls are connected to a switch on port2 acting ...

  • Profile Picture

    Fortinet Security Fabric in Action

    https://www.infosecmonkey.com/2019/11/02/blocking-file-types-of-fortigate-firewall/ By Manny Fernandez A colleague of mine, Chris Fore, SE in the San Fransisco Bay Area created an amazing video showing the Fortinet Security Fabric in ...

    1 person recommends this.
  • Posted in: IPsec/SSL VPN

    By Manny Fernandez Earlier, I wrote an article showing how to do a VTI (Virtual Tunnel Interface) from a Cisco ASA to a Fortigate Firewall. Today, I will cover a route-based VPN with a Cisco Router instead of a Cisco ASA using VTIs. ...

    1 person recommends this.
  • By Manny Fernandez When you have a dynamic IP address assigned by your carrier, you are normally only assigned one IP address to use. If you had a Fortigate that is attached to a Cable Modem as an example and the modem and the Fortigate are using ...

  • Profile Picture

    DNS over TLS (DoT) on the Fortigate

    By Manny Fernandez I recently wrote an article about the difference between DNS over HTTPS and DNS over TLS and the differences between the two. Now as promised, I will show how to configure DoT. Lets get started. Requirements: FortiOS 6.2x ...

  • Posted in: IPsec/SSL VPN

    By Manny Fernandez A colleague wanted to test VPNs to multiple platforms. I set up a Checkpoint 1450, PAN 200, and an ASA 5515. This box is running the following: Configuring The Internet To begin, I needed to configure the Internet ...

  • Profile Picture

    FortiOS to PANOS Site-to-Site VPN

    Posted in: IPsec/SSL VPN

    By Manny Fernandez In this article, I am using "WAY OLD" PAN OS. Mostly because I no longer own an updated PAN box. I am going to be installing a VM in a couple of weeks and will be doing some compare and contrast articles and some PAN VM to ...

  • Posted in: IPsec/SSL VPN

    By Manny Fernandez Customer had a question about creating a route-based VPN between a Cisco ASA and a Fortigate. Traditionally, the ASA has been a policy-based VPN which in my case, is extremely outdated. With Route-Based VPNs, you have far more ...

  • Profile Picture

    WhatsApp Vulnerability Patched

    Posted in: Threat Intelligence

    WhatsApp, the private messaging app, is becoming quite a popular target for attackers and governments to spy on users. The app is used by 1.5 billion people globally. While it touts itself as secure end-to-end encryption, many security issues have been ...

    1 person recommends this.
  • Profile Picture

    Insider Risk Challenges

    Posted in: Threat Intelligence

    Did you catch the new Fortinet blog on challenges of insider risk? It is worth a read: Addressing the Challenge of Insider Risk Here are suggested strategies to minimize the risk: Train employees to see and report suspicious activity. In ...

    1 person recommends this.
  • Hi Pavel, I do think I am clear on what exactly you are asking then. Can you provide a network diagram of what you are referring to for clarification? Antispoofing/Reverse Path Forwarding does not drop traffic on the FortiGate when there is a valid ...

  • Profile Picture

    Quarterly Threat Report

    Posted in: Threat Intelligence

    Don't forget to download our new Quarterly Threat Report. Fortinet has a unique perspective on the threat landscape. Some key topics we cover are: Spikes in attacks at the network edge Design flaw in ad-blocking service exploited to exempt malicious ...

  • Profile Picture

    RE: FORTISANDBOX AI-MODE ACTIVATION IMPACT

    Posted in: Sandboxing

    No, there is no loss of functionality and the performance is not negatively impacted when you enable AI-Mode. The tool enhances the detection engine capabilities, improving the overall detection rates. Our internal testing has shown an improvement ...

  • Hello Mohammed. Please contact Fortinet Sales for help with this quwarion https://www.fortinet.com/how-to-buy.html Bill

  • Posted in: Sandboxing

    Hi Jim, Thank you very much. Everything work now.

  • Profile Picture

    Beware Holiday Scams

    Posted in: Threat Intelligence

    As the holiday season approaches, the Cybersecurity and Infrastructure Security Agency (CISA) released an advisory encouraging users to be aware of the potential holiday scams and malicious cyber campaigns, particularly when browsing or shopping online. ...

  • Profile Picture

    FortiGuard Threat Playbooks

    Posted in: Threat Intelligence

    Have you used our FortiGuard Threat Playbooks? Are the valuable? Did they you to help understand the threat life-cycle better? Do you have ideas you can share? https://fortiguard.com/playbook Let us know what you think! Thanks!

  • Profile Picture

    BlueKeep Attacks Starting

    Posted in: Threat Intelligence

    CVE-2019-0708, the RDP vulnerability with capabilities to be wormable, is now being exploited in the wild. If you haven't patched for this vulnerability, you should do so now. While the current attacks are not wormable, the exploit is in the eyes ...

  • Profile Picture

    RE: MC4200 Corupt Compact Flash card

    Posted in: Wireless

    Hi John Thank you for this. I have manage to get a version 6.1.25 after a long time. It seems to work, but haven't really gone through it thoroughly. I just wanted to get the wifi up and running. I will download this as a backup tho, so I can go back ...

  • Posted in: Threat Intelligence

    There is an exploit for Chrome targeting vulnerability CVE-2019-13720 active in the wild. It is a use-after-free bug, a memory corruption flaw that allows attackers to execute malicious code. We recommend you patch today. Chrome version 78.0.3904.87 ...

  • Profile Picture

    Migration plan document

    ​​Hi, I am looking for a standard template for a migration of the firewalls of HO and its many branch offices. do we have any check list or project preparation documents for planning and execution . I am Thankful if anyone can share the idea or detai ...

  • Profile Picture

    RE: SMTP Authentication with AD/LDAP

    Hi Nawir, 1. You can create recipient policy and specify smtp authentication method as LDAP. 2. Create LDAP profile and enable authentication against Zimbra server. Please see the attached screen shots. Thanks

  • Profile Picture

    Recipient Verification with Zimbra

    Hi, SW INFO: -Zimbra 8.8.15 -FortiMail VM 6.x QUESTIONS 1. How to set valid recipient in FortiMail by checking SMTP in Zimbra (not using LDAP/AD verification) anything to to change in Zimbra site? 2. by default FortiMail will reject unknown recipient. ...

  • Profile Picture

    Blocking apps and download manager

    I have 10 test in Fortigate but I don't have license. So I don't know whether with latest definition working or not QUESTIONS 1. I want to know whether Fortigate can block application like Opera Turbo, ZenMate, Psiphon3, IDM, FDM, IDA, Open Proxy, DNS ...

  • Profile Picture

    Check valid email to AD/LDAP

    GOALS: 1. FortiMail will check incoming mail with AD or LDAP. Because sometime spammer set "From: targetemail" and set invalid email, so that when bounce back will attack to targetemail 2. Block incoming mail by country QUESTIONS: 1. without Fortigate. ...

  • Yes you are right. I am asking Fortigate presenter here in Indonesia yesterday. To make consistency between product. For example grep only appear in Fortigate but not in Fortimail and any other product. This is problem when I want to search certain word ...

  • Posted in: Threat Intelligence

    Fortinet is a founding member of the Cyber Threat Alliance (CTA). The CTA is a not-for-profit organization that is working to improve the cybersecurity of our global digital ecosystem by enabling near real-time, high-quality cyber threat information ...

  • Hi, A) Is it somehow possible to have a menu selector for the correct authentication method? User goes to portal/ receives a site publish form with a selection of authentication methods (combobox or links) B) On Fortigate it is possible to have in ...

  • Hi Parick, We do not support HTML Form Based delegation. Please open a Knock ticket so we can re-open NFR380101. Best Regards Rafael ...

  • Profile Picture

    FortiGuard Labs Research Center

    Posted in: Threat Intelligence

    The FortiGuard Labs Research team participates in many conferences and workshops. In the Research Center you will find information such as slides, video presentations and related research publications. Check it out! https://fortiguard.com/events

  • Profile Picture

    RE: FortiSIEM Clear Conditions

    Posted in: SIEM

    Hi Mohammed, I'm afraid this isn't currently possible. Most performance and availability rules have a clear condition if that condition is met within a certain amount of time. Thanks Dan

  • In IP Policy and Conenction Settings there is a setting for : "Maximum concurrent connections for each client:" Out of the box it seems this was 5. We've had a couple of issues with voting software sites like ElectionBuddy and SimplyVoting where email ...

  • Profile Picture

    Training on the Threat Landscape

    Posted in: Threat Intelligence

    Want to learn more about the threat landscape and network security? Check out our free NSE 1 training course on the threat landscape. We are proud that Fortinet's Network Security Expert (NSE) Institute's certification program has been named ...

  • Profile Picture

    FortiGate VM for VMWare NSX-T

    Fortinet provides advanced security for east-west, north-south traffic flows for VMWare NSX-T. https://youtu.be/uVAZoUNqSvw YouTube FortiGate VM for VMWare NSX-T Fortinet provides advanced security for ...

  • Profile Picture

    FortiCWP 4.2 Use Case Demos

    FortiCWP helps customers mitigate risks associated with cloud computing including misconfigurations, malware data in storage, compliance reporting and suspicious activity in their cloud environments. It can help secure deployments in Microsoft Azure, ...

  • Profile Picture

    Fortinet Podcasts

    Posted in: Threat Intelligence

    Fortinet releases podcasts that highlight our security products and solutions. We also have two specific podcasts addressing threat intelligence: Security Roundtable Podcast - a quarterly podcast of Fortinet Security Experts highlighting current and ...

  • Posted in: SIEM

    Hi Kalana, This is a manual download of the license and then upload in the ForitSIEM GUI. Thanks Dan

  • Profile Picture

    Fortinet Launches FortiCWP

    Posted in: Public Cloud

    A replacement for FortiCASB-Cloud, FortiCWP is Fortinet's cloud-native Cloud Workload Protect (CWP) service. FortiCWP hooks into the APIs provided by cloud vendors including AWS, Azure and Google Cloud Platform to monitor and track all security components, ...

  • Profile Picture

    FortiCWP Overview

    Posted in: Public Cloud

    FortiCWP Overview Organizations are embracing multiple public cloud platforms, resulting in increased complexity of management which impacts security and risk. Additionally, the built-in security tools that come with various cloud platforms are ...

  • Profile Picture

    FortiADC Overview

    FortiADC Overview With bandwidth demand growing faster than budgets, and with cyberattacks constantly on the rise, it can be challenging to securely and efficiently deliver applications at the speed users expect. Fortinet Application Delivery Controller ...

  • Profile Picture

    FortiIsolator Overview

    Posted in: Browser Isolation

    FortiIsolator, Fortinet's browser isolation platform, adds an additional advanced threat protection capability to the Fortinet Security Fabric and protects critical business data from sophisticated threats out on the web. Content and files from the web ...

  • Profile Picture

    Fortinet Dynamic Cloud Security

    Posted in: Public Cloud

    Learn more: www.fortinet.com/cloud Related videos: IHS Markit Survey: Critical Insights into Today's Cloud Infrastructures: https://www.youtube.com/watch?v=ejY03... Fortinet's FortiWeb Cloud WAF-as-a-Service: https://www.youtube.com/watch?v=5fUl5... ...

  • Posted in: Public Cloud

    Learn more: www.fortinet.com/aws The FortiGate-VM on AWS delivers next-generation firewall (NGFW) capabilities for organizations of all sizes, with the flexibility to be deployed as a NGFW and/or a VPN gateway. https://youtu.be/NPDx1G5UHVw ...

  • Posted in: Threat Intelligence

    Learn more: https://www.fortinet.com/support/supp... The Fortinet Security Rating Service is intended to guide customers to design, implement and continually maintain the target Security Fabric security posture suited for their organization. The Security ...

  • Posted in: Threat Intelligence

    Learn more: https://fortiguard.com/ The Fortinet Security Fabric and solutions, which include our award-winning FortiGate next-generation firewalls and Secure SD-WAN platform, help customers stay protected against threats that put their businesses ...

  • Posted in: Secure SD-WAN

    Learn more: https://www.fortinet.com/products/sd-... In this video, learn about how customers can leverage FortiManager and FortiAnalyzer to Simplify SD-WAN branch operations. We look at 5 capabilities and 3 key benefits that customers have with ...

  • Profile Picture

    Threat Analytics

    Posted in: Threat Intelligence

    Did you know that you can find out our top 10 Virus, Exploits and Botnet's for any given day? Visit out FortiGuard.com threat analytics site: https://fortiguard.com/threat-research/threat We even break it down to show threats per vertical. Check ...

  • Posted in: Wireless

    Gartner released the 2019 Magic Quadrant for the Wired and Wireless LAN Access Infrastructure. In the most recent edition, Fortinet is again in the Niche Players Quadrant, but has been placed furthest on completeness of vision and ability to execute in ...

  • Posted in: Switching

    Gartner released the 2019 Magic Quadrant for the Wired and Wireless LAN Access Infrastructure. In the most recent edition, Fortinet is again in the Niche Players Quadrant, but has been placed furthest on completeness of vision and ability to execute in ...

  • Profile Picture

    Safetica DLP integrates with Fortinet

    Posted in: Endpoint Protection

    Hi guys, I believe Safetica is their closest DLP integration covering all endpoints. Integration of Safetica data loss prevention solution (DLP) and Fortinet security technologies provides companies with a powerful tool for the security of their data ...

  • Posted in: Secure SD-WAN

    Improve user experience and simplify operations at the WAN Edge with an integrated NGFW and SD-WAN in single offering. As the use of business-critical, cloud-based applications and tools continue to increase, distributed organizations with multiple remote ...

  • Profile Picture

    RE: Chromebook and Fortinet wifi

    Posted in: Wireless

    Hi Leif Did you make the power change noted below? Just wondering how things are going. We are also experiencing the same thing with the same one AP per classroom. FortiWLC 8.4-4build-8 | FortiWLC-3000D 822 and 832 AP Native Cell

  • Profile Picture

    RE: Remediations Acton Issue

    Posted in: SIEM

    If the Incident triggered and fired a notification then depending on the Notification Window defined in the Rule it won't trigger a notification again until either the Incident is cleared or the Notification Window expires. Suggest try clearing the Incident ...

  • Profile Picture

    RE: FortiWeb

    Posted in: SIEM

    The format needs to be the standard Key Value Pair log format. If you customise then the FortiSIEM parser may also need to be customised.

  • Profile Picture

    thread email

    does anyone experience here long thread of emails eventually tagged as spam or sent to quarantine?

  • Posted in: Public Cloud

    FortiWeb Cloud WAF-as-a-Service is a SaaS cloud-based web application firewall (WAF) that protects public cloud hosted web applications from the OWASP Top 10, zero day threats and other application layer attacks. Requiring no hardware or software FortiWeb ...

  • Posted in: Public Cloud

    More and more enterprises are turning to Microsoft Azure to extend internal data centers and take advantage of the elasticity of the public cloud. While Azure secures the infrastructure, you are responsible for protecting everything you put in it. Fortinet ...

  • Posted in: Secure SD-WAN

    Learn more: https://www.fortinet.com/products/sd-... Leveraging Fortinet Secure SD-WAN for cloud on-ramp to SaaS and multi-cloud improves the user experience for business applications. With integrated advance security, the enterprise branch security ...

    1 person recommends this.
  • Posted in: Secure SD-WAN

    Learn more on how the Fortinet Secure SD-WAN solution utilizes FortiAnalyzer and FortiManager to provide analytics and reporting for business applications, WAN health, and security. https://youtu.be/FEK0SankGH4 YouTube ...

    1 person recommends this.
  • Profile Picture

    RE: Palo Alto Firewall

    Posted in: SIEM
  • Profile Picture

    Related to SIEM Implementation Concerns

    Posted in: SIEM

    Dear Friends, I need your support to find answers/recommendations from FortiSIEM. Description Implementation Concerns Log Archival Process When restoration is required, is this happened in a bulk or can we add parameters i.e: like ...

  • Learn more on how the Fortinet Secure SD-WAN solution utilizes FortiAnalyzer and FortiManager to provide analytics and reporting for business applications, WAN health, and security. https://youtu.be/FEK0SankGH4 YouTube ...

  • Profile Picture

    FortiGuard Labs Playbooks

    Posted in: Threat Intelligence

    A playbook is a collection of the tools, techniques and procedures that cyber criminals use to achieve their goal, organized in a structured format. Our playbooks are mapped to the Mitre ATT&CK framework and represent the life cycle of a particular threat ...

  • Profile Picture

    RE: sentinelone integration

    Posted in: SIEM

    Hi Kalana, Just configure the sentinelone management console to send syslog to FortiSIEM. Either a collector or to the supervisor directly. Kind Regards, ------------------------------ Dušan Tomić - Consulting Systems Engineer INTL Fortinet ------ ...

  • Posted in: SIEM

    Hi Kalana, Yes, FortiSIEM is able to identify relayed logs, but it does expect the syslog-ng relay to prepend the standard Syslog-ng header to the log. If you go to Admin / Device Support / Parsers you will see SyslogNGParser at the top of the list. ...

  • Hi Patrick, Could you please ask you local SE to raise a case to CSE Team by providing cnfig and pcap files? Best Regards ...

  • The purpose of this video is to give a brief description for FortiAnalyzer and the use cases for FortiAnalyzer. FortiAnalyzer is Fortinet's Security Driven Analytics and Log Management Solution. FortiAnalyzer offer organizations with a way to centrally ...

  • T he purpose of this video is to give a brief description for FortiManager and the use cases for FortiManager. FortiManager is Fortinet's Next Generation Automation driven management solution. Using FortiManager, organizations can achieve scalability, ...

  • Attacks are getting more complex as the attack surface area increases. Tools for detect attacks have increased exponentially leaving many administrators confused as to how to handle breach detection. This video will help explain how to enable the IoC ...

  • What you are describing is a feature set used more commonly by ADC technologies like F5 vs. traditional WAF, but is something to take into consideration for future development efforts. NOTE: FortiADC, which competes directly with F5, supports this ...

  • Hi Patrick, TOS/WOS fields will be lost in Reverse Proxy mode. Sent from my iPhone *** Please note that this message and any attachments may contain confidential and proprietary material and information and are intended only for the use of the intended ...

  • Posted in: Threat Intelligence

    Fortinet has a unique perspective of the threat landscape. We distill that view into our quarterly threat reports. You can download and read the latest report here: https://www.fortinet.com/content/dam/fortinet/assets/threat-reports/threat-report-q2 ...

  • Profile Picture

    RE: VPN Connectivity

    Posted in: Public Cloud

    Thank you! ------------------------------ Bradley Consultant ------------------------------

  • Profile Picture

    ADVPN Route Reflector Not Working

    Posted in: IPsec/SSL VPN

    We are using ADVPN with iBGP and the routing protocol and FortiGates running 5.6.10 and 5.6.11. VPN Tunels are up, iBGP peering is up, 'route-relfector-client enable' is configured on the Hub in the 'neighbor-group' configuration section. Also, local-as ...

  • Profile Picture

    For IoT security, check out FortiNAC

    Posted in: NAC & IoT Security

    If you are looking for a solution for the issue of IoT and how to discover and identify headless devices on your network, look no further than ForitNAC. The FortiNAC solution can find and profile everything on your network, so you don't need to wonder ...

  • Hello, usually this is publicly documented here : https://docs.fortinet.com/document/fortigate/6.0.2/fortigatefortiosfeatureplatformmatrix Link Aggreation / Redundant Ports Regards

  • Profile Picture

    RE: Hardware performance analytics in FAZ

    I've had a couple of customers not having any SNMP Server inhouse prior to me getting there with the Fortigate solution. For these customers IT usually costs money and they even hesitate on buying the FAZ to start with. With some more leverage including ...

  • Profile Picture

    RE: Integration with HPE-Aruba ClearPass

    Posted in: Security Fabric
  • Profile Picture

    RE: SSLVPN using Azure AD (SAML)

    There is FortiOS NFR 505485 for implementing the SP role in FortiGate, which would allow SSO for SSL VPN users using Azure AD as the IdP. This would address your scenario without FAC. I am not sure what the status is of that NFR. We've also ...

  • Fortinet products deliver deep security with high value, exceeding typical firewall features in a feature-rich ecosystem. With so many options, it's possible to load down your system with common misconfigurations and missed maintenance. Join us for our ...

  • Fortinet products deliver deep security with high value, exceeding typical firewall features in a feature-rich ecosystem. With so many options, it's possible to load down your system with common misconfigurations and missed maintenance. Join us for our ...

  • Posted in: Endpoint Protection

    Remember Conficker and Wannacry. These threats exploit "fresh" vulnerabilities where patches were already available for at least 2-3 months and still Wreak havoc around the world. Now Microsoft is warning users not to repeat the history and we should ...

  • I believe the theoretical limit is 254 members.

  • Profile Picture

    RE: Best Practice

    Posted in: Deception

    Hello, May I suggest reviewing the FortiDeceptor guide ? Should you need additional technical help, please reach out to Kash (kash@fortinet.com), EMEA CSE team lead. Cheers, Damien

  • Hi, I need to block GitHub upload , i have tried to block it from web browser its working with the help of GITHUB Upload signature provided by the fortigate. But this signature is not capable of blocking upload from cmd line interface. Do anyone have ...