Hi everyone, I am being tested at work for my networking skills with a huge lab and I don't have any experience in firewalls. I have a CCNA Routing and Switching only, and I am being asked to design a 2-site network (site one: FortiGate, core switch and access switch; site 2 is a single switch). I think I found a (second) mistake in the lab (the first was an IP that made no sense, and I found it in like 15 minutes of looking). The scenario is that we have an SNMP server in our server subnet that is getting attacked and I must block the relevant ports. I only have one FW policy that allows anything from the internet at all that isn't a VPN client (really it's 2 because of a redundant backup ISP connection, but that doesn't affect this); this uses 2 virtual IPs I have for a webserver in a DMZ. Internal users and the webserver have internet access. There are no other allowed policies from either internet port, just the ones from the ISP to the webserver DMZ. Does the implicit deny already cover this attack? I feel like denying anything that hasn't already been allowed by another policy is redundant. Or please correct me; I have never touched a firewall before, so this lab feels way over my head, but I think I've managed to complete everything he threw at me even though I'm completely lost on the FortiGate stuff. Super proud of what I built, but I want to be sure if I'm going to say he messed up (again). Also, do I need to make policies for the two ISP connections to the two internal connections (redundant) to block anything in particular? I made some rules that block all to all from Internet to inside, but as I think about this they seem to also be redundant. Thanks for any feedback. Please let me know if I am not being clear.
If you are sure about the ports that are to be allowed on the server, then in the firewall policy you can define those ports in the services field. The rest of the ports for the server traffic will be denied by the implicit deny policy. On top of that, you can also use security profiles, for example IPS and AV, in the server policy so that malware, viruses and other attacks can be blocked by the firewall.
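The following FortiOS CLI fragment is an added illustration of the reply above, not configuration posted by the answerer or by Fortinet. It assumes interface names wan1 and dmz, a VIP object named VIP-Webserver, policy ID 10, and the default IPS, AV and SSL profiles that ship with a standard FortiOS install; it shows the over-broad policy beside the tightened one, and how to log the implicit deny so the dropped SNMP traffic is visible instead of adding a redundant deny-all policy.

```fortios
# Before (too broad): every port on the VIP is reachable from the ISP,
# so the DMZ host is exposed to whatever else it happens to listen on.
config firewall policy
    edit 10
        set name "ISP1-to-Webserver"
        set srcintf "wan1"
        set dstintf "dmz"
        set srcaddr "all"
        set dstaddr "VIP-Webserver"
        set action accept
        set schedule "always"
        set service "ALL"
    next
end

# After: only the service the web server actually publishes, with the
# built-in IPS and AV profiles applied. Anything else arriving on wan1,
# including SNMP (UDP 161/162) aimed at the server subnet, matches no
# accept policy and falls through to the implicit deny.
config firewall policy
    edit 10
        set name "ISP1-to-Webserver"
        set srcintf "wan1"
        set dstintf "dmz"
        set srcaddr "all"
        set dstaddr "VIP-Webserver"
        set action accept
        set schedule "always"
        set service "HTTPS"
        set utm-status enable
        set ssl-ssh-profile "no-inspection"
        set ips-sensor "default"
        set av-profile "default"
        set logtraffic all
    next
end

# Policy 0 is the implicit deny. Logging it is how you confirm the SNMP
# attack is being dropped; a separate "deny all to all" policy adds nothing.
config firewall policy
    edit 0
        set logtraffic all
    next
end
```

After applying this, the forward traffic log should show the inbound UDP 161/162 attempts with policy ID 0 and action deny, which is the evidence that the implicit deny already covers the attack.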
Copyright 2024 Fortinet, Inc. All Rights Reserved.