Hi guys inherited this (I believe a lot of it will change)
Have to do scheduled checks for auditing this, a couple of queries
How old is Fortigate 100D , how many versions is it behind?
Whats best way to plan a firewall audit, (it involves different customers who we host so there is history which I don't have yet, that takes time) any best way to plan the FW audit , other than what I have below
1. Are there VPNs for clients that have left or they have broken? 2. Are there firewall rules/address objects etc for clients that have left or systems that have been decommissioned 3. Any old routes? 4. Any old public IP objects?
I can take a backup of the config as well, are there any exams worth doing for Fortigate I haven't used Fortigate before but have done CCNA etc I am looking at their professional course which is free during Covid and very helpful :)
The 100D is two series behind right now as the E and F have followed it. However, it can still be under support for about 2 1/2 more years. I just looked and was surprised to see that it can actually run 6.2.x code so that's all but the latest train currently. How many "versions behind" it is depends on what code you're currently running on the box.
I can't say I have experience doing a firewall audit as an outsider but I do regular maintenance on my own and I would suggest making sure good comments are entered for each firewall rule/object as you go so that you can answer the question of why something exists down the road.
Thanks very much yes thats a good plan
I start with whats there originally right now (starting new role so seems best way to do it)
Much appreciated do you know of any exams that would be applicable for starting off in Fortigate?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.