HelloWould anyone know the commands to check file system for Indicators
of Compromise related to the above CVE? I understand that this was
affected only between 7.2.0 - 7.2.2, but we were running that version
before and we are now on 7.2.8I did get t...
HelloI've got 8 HA firewall pairs that I need to make sure the new IP
scheme from Mimecast is updated in the ISDB. Can this be done via the
FMG or do I need to go to each FortiGate HA pair? Or does the FMG only
point to the FortiGuard servers? Thank ...
Hello Anyone with experience out there that has updated their FGs with
such a big jump? I have to go from 6.2.5 in steps up to 6.2.11 - then it
has me going directly to 6.4.11 per the download tool on Fortinet
firmware page. I will perform the upgrad...
Hello - I have a customer who updated to version 7.2.3 to be clear of
the recent SSLVPN vulnerability; however, HA is out of sync and
comparing out puts it is showing the vpn.certficiate.ca. This shows to
be a bug in an earlier version. Any advice? T...
Hello I am trying to determine if a customer of mine has been infected
by the latest vulnerability. How do you access the Linux file system to
check if the files are present? Thank you
So for an HA pair of FortiGate's, would I need to check the standby
firewall as well? # diagnose debug crashlog read as well as the
libraries on each Primary/Standby device? # fnsysctl ls -l /data/lib
/data/lib/libips.bak /data/lib/libgif.so /data/li...
I actually had to go into the FortiGate (the root one) and view all of
the entries for that service. I was tasked to drill down deep to make
sure Mimecast new subnets were added to the ISDB. I'd imagine FortiGuard
works with all the different vendors...
Understood, Graham - thanks for responding.To be more specific on my
question, I know I am able to see all of the ISDB entries in the
FortiGate, but to save me time by going to 8 Firewall's, can I just look
somewhere at all the ISDB entries in FMG? O...
Has this setup actually worked? Seems as though there would be some
serious loops created and I would assume that each switch should have an
LACP port-channel formed between FGT-1 & FGT-2. Also if the software
switch is one big group - will it succes...
