friends good day.
Based on your experience, what other good practices do you recommend to mitigate cybercriminal attacks?
Apart from not having open ports, policies without utm, vulnerable version of fortios, vpn ssl (port 443/10443) configuration.
Note: I have already read the cookbooks but I would really like to read your comments based on your experiences in this world of networks.
Dear unknown1020,
You can configure UTM profile in internet policy
DOS policy can be implemented
If there is any published server then in the incoming policy make sure to use AV, IPS
Dont allow public access on PUBLIC IP
You can use ZTNA for secure access of internal server remotely
Local in policy can be configured
For further details you can follow
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.