Module1: Introduction and Initial Configuration

• Administrative methods – CLI (console, SSH or GUI widget) or GUI
• Configure Mgmt Interface
• Define operation mode – Routed/Transparent
• Administrative users & profiles
• Feature Visibility
• Interface configuration

Module2: Firewall Policies

• Configure firewall objects and policies
• Configure source match options available firewall policies
• Apply firewall policy logging options
• Use policy lookup to find matching policy

Module3: Network Address Translation (NAT)

• Configure policy with source NAT – SNAT
• Configure policy with destination NAT – DNAT4

Module4: Firewall Authentication

• Configure an LDAP Server on HQ-FG1 firewall for remote authentication
• Configure captive portal so users connecting to the network are forced to authenticate

Module5: Logging and Monitoring

• Configuring Logging on DC-FG1 and DC-FG2
• Monitoring logs via GUI

Module6: Web Filtering

• Configure web filtering on HQ-FG1
• Enable catergory based filter and apply to a Firewall policy

Module7: Application Control

• Creating an application control profile on HQ-FG1
• Configure and monitor traffic shaping for application control

Module8: Intrusion Prevention and Denial of Service

• Configure IPS Sensor and apply IPS inspection on HQ-FG1 firewall
• Blocking known exploits on HQ-FG1 firewall

Module9: Dialup IPsec VPN

• Deploy a dialup VPN for Forticlient
• Verify VPN connectivity from PC3 to HQ-FG1

Fortigate Infrastructure:

Module1: Routing

• Configure dynamic routing protocol (OSPF) for IPv4 traffic on DC-FG1 firewall
• Configure BGP between Firewall DC-FG1 and router R3
• Configure redistribution of OSPF routes into BGP on DC-FG1

Module2: Virtual Domains

• Configure split-task VDOM mode on Branch firewall BR1-FG1 and assign interfacesgn interfaces
• Configure separate security outbound policy on traffic VDOM

Module3: FortiManager & FortiAnalyzer

• Create HeadQuarter and Branch ADOMS on Fortimanager and assign HQ-FG1 and BR2-FG1 to the respective ADOM
• Configuring BR2-FG1 and HQ-FG1 firewalls from Fortimanager
• Configuring FortiAnalyzer as log collector for Branch and HQ Firewalls for analytics

Module4: High Availability (HA)

• Configure High availability between two firewalls DC-FG1 and DC-FG2 in Active-Passive mode
• Manual failover of the firewalls to verify High Availability
• Configure High availability between two firewalls DC-FG1 and DC-FG2 in Active-Active mode

Module5: Web Proxy

• Configure HQ-FG1 firewall to act as an explicit web proxy
• Use a PAC file to configure explicit proxy settings in user machine web browsers

Module6: Site-to-Site IPsec VPN

• Configure IPSec VPN between Branch office BR1-FG1 and HeadQuarter HQ-FG1 using Pre-Shared Key authentication
• Configure IPSec VPN between Branch office BR2-FG1 and HeadQuarter HQ-FG1 via Fortimanager using Pre-Shared Key authentication

Module7: Software-Defined WAN (SD-WAN)

• Configure SD-WAN between HQ-FG1 and BR1-FG1 to load balance traffic over Internet and MPLS link based on lowest latency
• Configure SD-WAN between HQ-FG1 and BR2-FG1 to load balance traffic over Internet and MPLS link based on lowest latency via FortiManager

Module8: Fortinet Single Sign-On (FSSO)

• Configure SSO on Fortigate firewall HQ-FG1
• Test the automatic user identification by generating user logon events
• Monitor the SSO status and operation

Module9: Diagnostics

• Executing Diagnostic commands
• Troubleshooting issues using the sniffer

Contact Us