Hello!
So I was doing the questions of the Fortigate Essentials 6.2, the new "free course" by Fortinet, and I'm here with a doubt about 2 questions that I really think are wrong. Can someone confirm?
1º "Which NAT mode is supported by a VDOM configured as NGFW mode?
2º
"Which inspection mode allows administrators to select the network
applications from the firewall policy configuration?"
For me:
1º question: from my understanding, NGFW mode can be profile-based or policy-based, in the question they don't say which mode they are talking about, just "NGFW" mode... And they offer the option for Central SNAT and IP Pools...
2º question: from my understanding there is only 2 inspection modes: Flow-Based inspection and Proxy-Based inspection... So it would make sense if the question was "Which NGFW mode allows administrators...."
Am I wrong? I double checked the documentation and I'm almost sure about it, but I need to understand if there is something wrong with my knowledge, or it's an error in both questions...
Thank you!
2º
"Which inspection mode allows administrators to select the network
applications from the firewall policy configuration?"
The Answer is : NGFW Policy-Based Mode.
In this mode you select the applications not in Security Profiles/ Application Control / ....
You select the application direct in the policy.
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/978598/profile-based-ngfw-vs-policy-based-ngfw
Regards
Andreas
1º "Which NAT mode is supported by a VDOM configured as NGFW mode?
NGFW has two modes:
Policy-Based : It support central SNAT
Profile-based: It supports Firewall NAT
We will fix the question statement to be more clear.2º
"Which inspection mode allows administrators to select the network
applications from the firewall policy configuration?"
NGFW Policy-Based
Yes, you are right, there are two types of NGFW mode. We will fix this issue.
Saurabh Sharma
Network and Cloud Security Team Lead, NSE Curriculum Development
Hello!
So I was doing the questions of the Fortigate Essentials 6.2, the new "free course" by Fortinet, and I'm here with a doubt about 2 questions that I really think are wrong. Can someone confirm?
1º "Which NAT mode is supported by a VDOM configured as NGFW mode?
2º "Which inspection mode allows administrators to select the network applications from the firewall policy configuration?"
For me:
1º question: from my understanding, NGFW mode can be profile-based or policy-based, in the question they don't say which mode they are talking about, just "NGFW" mode... And they offer the option for Central SNAT and IP Pools...
2º question: from my understanding there is only 2 inspection modes: Flow-Based inspection and Proxy-Based inspection... So it would make sense if the question was "Which NGFW mode allows administrators...."
Am I wrong? I double checked the documentation and I'm almost sure about it, but I need to understand if there is something wrong with my knowledge, or it's an error in both questions...
Thank you!
Welcome to your new Fortinet Community!
You'll find your previous forum posts under "Forums"
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.