We have a number of FortiGate firewalls that we want to create the same
Geo Block Group holding a fairly long list of countries to block. We
don’t have a FortiManager. Does someone have a script to generate this
geo block group on the firewalls from ...
The most common issue we encounter is a client getting on a web page
claiming that they have a virus, must call a number, pay them money,
etc. We use FortiGate firewalls with UTP bundle. We have most of the
Security Profiles within the Policies turne...
I have read many helpful posts concerning SSL VPN security and different
approaches that can be used to improve security. So far we have unique
usernames, strong unique passwords, and geo filtering from the SSL-VPN
Settings / Restrict access to speci...
I was sent this article. It is amazing to me the amount of time that was
invested in hiding the script and the related activity. Are there any
tips or tricks to stopping melicious code like this?
https://threatresearch.ext.hp.com/raspberry-robin-now-...
Is it possible/feasible to update FortiGate firewalls FortiOS via a
script from a remote monitoring and management system? If so, is there a
sample script and recommendations available? We don't yet use
FortiManager. Only some firewalls have the paid...
Thanks hbac. This might be a useful solution. I don't know who to copy
from one firewall configuration and paste into another firewall
configuration. Is there a document that gives further explanation
concerning this process? Is it necessary to reboo...
Thank you both for your posts. We have previously created geo block
lists using these steps successfully. We would like to find a more
efficient way to create these lists. If we have say 50 countries that we
would like to include in these lists, and ...
Thanks. This appears to be a very good solution in the cases that we
know the IP address(s) of those that will connect to the firewall. Where
users are traveling, we will need to take further steps as we won't know
the host IP addresses. We already u...
Thanks rvillaroman. If 'Limit access to specific hosts' and/or use a
local-in policy, will connection attempts that violate these criteria
show up in the VPN login fail logs or will these be denied before the
log records the failure.
The only reason might be lack of experience with it. I have used it from
FortiGate to FortiGate with good success. Have hardly used it for a user
to connect from a PC to the firewall. Is this recommend in lieu of SSL
VPN?