nplljw
New Member
January 3, 2025
Solved

Fortigate's Best Practices in Industrial Safety Environments

  • January 3, 2025
  • 3 replies
  • 1938 views

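Hello, the customer's FortiGate 60F firewall has purchased licenses for ATP and the Industrial Security Service, and it will be deployed in transparent mode in the production environment. I would like to know how to complete the firewall deployment in this environment, what considerations apply to this deployment, and how to use the Industrial Security Service signature database.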

Best answer by ozkanaltas

Hello @nplljw,

In the beginning, you can use industrial signatures with application control and IPS in monitor mode. I think this is a good start. After 1-2 weeks you can review the logs and set some signatures to block mode. I know industrial networks are very strict and sensitive, and because of that you should start with monitor mode first.

Also, you can review the documents on the Operational Technology solution hub.

 

https://docs.fortinet.com/operational-technology
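The log review step described in the answer above, as an added example that is not part of the original post and is not Fortinet code: it summarizes Industrial-category application control hits collected during the monitor period and shows which observed flows each block candidate would cut. The key=value field names, the signature names and the sample lines are assumptions constructed for illustration; adjust them to your exported log format.

```python
import re
from collections import defaultdict

# Constructed sample lines in FortiGate-style key=value form (not from the thread).
# Field names and signature names are assumptions for illustration.
SAMPLE_LOG = """\
date=2025-01-06 time=08:00:01 type="utm" subtype="app-ctrl" srcip=10.10.1.5 dstip=10.10.2.20 dstport=502 appcat="Industrial" app="Modbus_Read.Coils" action="pass"
date=2025-01-06 time=08:00:02 type="utm" subtype="app-ctrl" srcip=10.10.1.5 dstip=10.10.2.20 dstport=502 appcat="Industrial" app="Modbus_Read.Coils" action="pass"
date=2025-01-06 time=08:05:10 type="utm" subtype="app-ctrl" srcip=10.10.1.9 dstip=10.10.2.20 dstport=502 appcat="Industrial" app="Modbus_Write.Single.Register" action="pass"
date=2025-01-06 time=08:06:00 type="utm" subtype="app-ctrl" srcip=10.10.1.5 dstip=192.0.2.53 dstport=53 appcat="Network.Service" app="DNS" action="pass"
date=2025-01-06 time=08:06:05 type="traffic" subtype="forward" srcip=10.10.1.5 dstip=10.10.2.20 dstport=502 action="accept"
"""

# key=value, where the value is either "quoted (may contain spaces)" or a bare token
PAIR = re.compile(r'([\w-]+)=("([^"]*)"|\S+)')

def parse_line(line):
    """Turn one key=value log line into a dict, stripping surrounding quotes."""
    return {k: (q if raw.startswith('"') else raw) for k, raw, q in PAIR.findall(line)}

def summarize(log_text, category="Industrial"):
    """Per signature in the given category: hit count and distinct (src, dst, port) flows."""
    stats = defaultdict(lambda: {"hits": 0, "flows": set()})
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec.get("subtype") != "app-ctrl" or rec.get("appcat") != category:
            continue  # skip traffic logs and non-industrial applications
        entry = stats[rec.get("app", "unknown")]
        entry["hits"] += 1
        entry["flows"].add((rec.get("srcip", "?"), rec.get("dstip", "?"), rec.get("dstport", "?")))
    return dict(stats)

def blocking_impact(stats, candidates):
    """For each signature proposed for block mode, list the monitored flows it would cut.
    An empty list means the signature was never seen during the monitor period."""
    return {sig: sorted(stats.get(sig, {"flows": set()})["flows"]) for sig in candidates}

if __name__ == "__main__":
    stats = summarize(SAMPLE_LOG)
    for sig, s in sorted(stats.items(), key=lambda kv: -kv[1]["hits"]):
        print(f'{sig}: {s["hits"]} hits across {len(s["flows"])} flow(s)')
    for sig, flows in blocking_impact(stats, ["Modbus_Write.Single.Register", "DNP3_Cold.Restart"]).items():
        print(f"block {sig} -> affects {flows or 'no observed traffic'}")
```

A candidate with no observed flows can move to block mode without touching production traffic seen so far; a candidate with flows needs confirmation from the process owner first.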

 

 

3 replies


nplljw (Author)
New Member
January 3, 2025

Hello, did the application control configuration file call the default during early deployment?

ozkanaltas
Valued Contributor III
January 3, 2025

Hello @nplljw,

If you didn't use industrial signatures before, you should enable these signatures. After enabling them, you can see the industrial signatures on your FortiGate and use them in your app control and IPS profiles.

config ips global
    set exclude-signatures none
end

 

AEK
SuperUser
January 3, 2025

First, the FGT 60F is a small entry-level model, and I think you should check whether it supports the industrial DB, if that is not already done.

In transparent mode you don't have gateways on your FortiGate, so there is no need to change anything in your existing network topology.

Using monitor mode as mentioned by Ozkan is a good idea; this will avoid disturbing your production traffic.

On the other hand, OT security has its special practices and recommendations, so for better knowledge on OT security you may read the OTS study guide available on the Fortinet training portal.

AEK
dingjerry_FTNT
Staff
January 3, 2025

Hi @nplljw,

Please use English in this Community if you need assistance from all users. Otherwise, only those who can read your message may assist you.