Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
247ServerAdmin
New Contributor

Fortigate failing PENTEST and CyberSecurity Insurance Requirements

I have numerous clients that have rolled out the SSL portals/SSL VPNS and they are failing pentest's, compliance testing, cyber security insurance requirements.  
While I understand Fortigate published this article.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Penetration-test-on-FortiGate-with-SSL-VPN...

 

The fact remains the devices are failing, verification. We are having to switch over to IPSEC.  The developers need to take this matter more seriously. 

 

 

4 REPLIES 4
adambomb1219
Contributor III

FortiOS versions?

247ServerAdmin

ALL

adambomb1219

???? So its likely you are running versions with known vulnerabilities then?

247ServerAdmin

I think you misnderstand. All fortigates that use ssl vpn will fail pen tests regardless of the current firmware 

Labels
Top Kudoed Authors