Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
unknown1020
Contributor

Created on ‎09-06-2023 07:03 PM

Fortigate Best practice

friends good day.

Based on your experience, what other good practices do you recommend to mitigate cybercriminal attacks?

Apart from not having open ports, policies without utm, vulnerable version of fortios, vpn ssl (port 443/10443) configuration.

 

Note: I have already read the cookbooks but I would really like to read your comments based on your experiences in this world of networks.

Labels:
755
0 Kudos
1 REPLY 1
sjoshi
Staff
Staff

Created on ‎09-07-2023 01:11 AM

Dear unknown1020,

 

You can configure UTM profile in internet policy

DOS policy can be implemented

If there is any published server then in the incoming policy make sure to use AV, IPS

Dont allow public access on PUBLIC IP

You can use ZTNA for secure access of internal server remotely

Local in policy can be configured

 

For further details you can follow

https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/436606/security-best-pra...

Salon Raj Joshi
Fortinet Certified Expert (FCX) | #NSE8-003459
719
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.