I understand that when you dedicate a CPU core to management it allows
https or ssh access during a time when the CPU would be too busy to
respond but I'd like to take that a step further? Will that CPU be
leveraged for all or at least most other con...
I am trying to figure out how exactly the throughput numbers are
calculated. I've come across vendors doing it a couple of different
ways. Is it (in + out) + .... for all interfaces on the box? Does it
only count input our output?
This is a question for any Authenticator product people. I believe Dr.
Carl Windsor drives the Authenticator product. I am curious to know if
we could expect TACACS+ or any other additional protocol support in
FortiAuthenticator. It is rather appeali...
Stripping the tcp timestamp from traffic that passes through the
firewall is becoming a more frequent request as it is showing up on
various vulnerability scans. I see that some security appliances have a
command that specifically strips the timestam...
Yes, I was looking at the data sheets. I understand they are under ideal
conditions but I'm trying to wrap my head around some architecural
aspects of a few different devices. So if you have 200 Mbps of inbound
traffic across 3 interfaces and 200 Mbp...
I thought about IDS/IPS too but that won't fix the issue on the
Fortigate itself. It is offering secure web services using DH key
exchange, which is ok, but it uses 1024 bit (Group 2) in the
implementation and so far I have not found anyway to config...
I absolutely agree that this should be easily configured on the web
server. The problem that is outlined in this forum post is that the
Fortigate is the web server for this application and we are not given
the same controls that we have on apache or ...
I have noticed unstable connectivity to the web interface on models
ranging from 60C/D up through 200D using 5.2.4. It is very annoying but
if I had to choose an annoying bug over a vulnerability that makes the
entire product line fail PCI audits I'd...
