Fortigate Security

he Fortinet Training Institute is committed to developing experts in the field of cybersecurity through training and certification programs for customers, partners, and employees, as well as many academic and education outreach partnership programs around the world.

Module1: Introduction and Initial Configuration

  • Administrative methods – CLI (console, SSH or GUI widget) or GUI
  • Configure Mgmt Interface
  • Define operation mode – Routed/Transparent
  • Administrative users & profiles
  • Feature Visibility
  • Interface configuration

Module2: Firewall Policies

  • Configure firewall objects and policies
  • Configure source match options available firewall policies
  • Apply firewall policy logging options
  • Use policy lookup to find matching policy

Module3: Network Address Translation (NAT)

  • Configure policy with source NAT – SNAT
  • Configure policy with destination NAT – DNAT4

Module4: Firewall Authentication

  • Configure an LDAP Server on HQ-FG1 firewall for remote authentication
  • Configure captive portal so users connecting to the network are forced to authenticate

Module5: Logging and Monitoring

  • Configuring Logging on DC-FG1 and DC-FG2
  • Monitoring logs via GUI

Module6: Web Filtering

  • Configure web filtering on HQ-FG1
  • Enable catergory based filter and apply to a Firewall policy

Module7: Application Control

  • Creating an application control profile on HQ-FG1
  • Configure and monitor traffic shaping for application control

Module8: Intrusion Prevention and Denial of Service

  • Configure IPS Sensor and apply IPS inspection on HQ-FG1 firewall
  • Blocking known exploits on HQ-FG1 firewall

Module9: Dialup IPsec VPN

  • Deploy a dialup VPN for Forticlient
  • Verify VPN connectivity from PC3 to HQ-FG1


Fortigate Infrastructure:


Module1: Routing

  • Configure dynamic routing protocol (OSPF) for IPv4 traffic on DC-FG1 firewall
  • Configure BGP between Firewall DC-FG1 and router R3
  • Configure redistribution of OSPF routes into BGP on DC-FG1

Module2: Virtual Domains

  • Configure split-task VDOM mode on Branch firewall BR1-FG1 and assign interfacesgn interfaces
  • Configure separate security outbound policy on traffic VDOM

Module3: FortiManager & FortiAnalyzer

  • Create HeadQuarter and Branch ADOMS on Fortimanager and assign HQ-FG1 and BR2-FG1 to the respective ADOM
  • Configuring BR2-FG1 and HQ-FG1 firewalls from Fortimanager
  • Configuring FortiAnalyzer as log collector for Branch and HQ Firewalls for analytics

Module4: High Availability (HA)

  • Configure High availability between two firewalls DC-FG1 and DC-FG2 in Active-Passive mode
  • Manual failover of the firewalls to verify High Availability
  • Configure High availability between two firewalls DC-FG1 and DC-FG2 in Active-Active mode

Module5: Web Proxy

  • Configure HQ-FG1 firewall to act as an explicit web proxy
  • Use a PAC file to configure explicit proxy settings in user machine web browsers

Module6: Site-to-Site IPsec VPN

  • Configure IPSec VPN between Branch office BR1-FG1 and HeadQuarter HQ-FG1 using Pre-Shared Key authentication
  • Configure IPSec VPN between Branch office BR2-FG1 and HeadQuarter HQ-FG1 via Fortimanager using Pre-Shared Key authentication

Module7: Software-Defined WAN (SD-WAN)

  • Configure SD-WAN between HQ-FG1 and BR1-FG1 to load balance traffic over Internet and MPLS link based on lowest latency
  • Configure SD-WAN between HQ-FG1 and BR2-FG1 to load balance traffic over Internet and MPLS link based on lowest latency via FortiManager

Module8: Fortinet Single Sign-On (FSSO)

  • Configure SSO on Fortigate firewall HQ-FG1
  • Test the automatic user identification by generating user logon events
  • Monitor the SSO status and operation

Module9: Diagnostics

  • Executing Diagnostic commands
  • Troubleshooting issues using the sniffer

Contact Us


Scroll to Top