The only link I can find on the support site with this scenario I am
wanting to achieve is
https://community.fortinet.com/t5/FortiGate/Technical-Tip-DNS-database-with-FortiGate-as-a-slave-to-a/ta-p/192942
where it gives the basic items to do to get t...
Playing around with doing some prep work on security profiles I will be
implementing once I micro-segment my datacenter traffic some. It's
pretty straight forward based on the IPS filtering options, to create a
sensor to protect a DHCP or DNS server ...
My setup is that of your traditional legacy WAN hub (data center) and
spoke (branch sites). Currently, my only Internet access is at my data
center. Even though they are on private WAN connections, the branch
locations' connection to the WAN is via F...
I know enough about FortiAuthenticator to be dangerous, so forgive me if
I come across ignorant on the product. I currently have mine setup where
I have a SAML connection to Azure where I can pull user and group
information; however, the only login e...
I am tweaking my DoS policies and have two inquiries for further
clarification purposes. I understand that my destination address in the
policy needs to be the public facing IP address for the servers/services
I am wanting to protect. 1. Is the firew...
Hmmm...someone might come with some other automated GUI way to do this,
but if you don't have any form of device management at your disposal,
then you will have to rely on yourself or the user to perform this task.
The task can be simplified from the...
How do you manage your user devices currently? You said you don't have a
on-prem DC, so does this mean you have a DC in Azure maybe? Are you
maybe using a MDM like InTune or AirWatch, etc... You can deploy the
certificate to your devices via your MDM...
I would also take a look at these three links as they mention Teams
dropping calls behind a FortiGate.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Microsoft-Teams-calls-dropping/ta-p/230203https://community.fortinet.com/t5/FortiGate/Tec...
I keep a 100 user license of this just in the hopes that it does mature
enough to think about swapping back to it. I bought back when EMS was
v1.2 and FortiClient was a 5.x to use as my AV solution for my PCs and
MacBooks (which accounts for 90% of m...
I like the idea of having your servers protected from both external and
internal users. This will give you maximal security, but also be mindful
of the work it takes to maintain that. This is why those IPS sensors
need to be customized down to your e...