Hello, I cannot properly read rolled logs exported from FortiAnalyzer
because they contain strange character I have found some tips at forinet
community site advising to change settings to roll logs differenty.
E.g.Technical Tip: How to export rolled...
Hello, To meet our conformity requirements, our organization sends all
FortiGate logs to a syslog server. However, approximately 90% of these
logs have limited usefulness for security monitoring purposes. If we
were to remove these logs from FortiGat...
Hello everyone, Outgoing Remote Desktop Protocol (RDP) are risky since
it is possible for the client to share her local drives with the server
(as well as network drives, usb drives, printers, ports, clipboard,
etc.) Is it possible for FortiGate to i...
Hello, We are dealing with botnet CnC DNS related requests. DNS Filter
is being aplied in FortiGate so DNS requests asking to resolve malicious
domains are successfully redirected to Block Portal By the way,
FortiAnalyzer shows corresponding events a...
Hello, We have a fortigate FortiGate v6.4.11 running in our
dependencies, and we try to block any connection to botnet C&C We've got
a policy with 2 Security Profiles:DNS Filter redirects botnet C&C
requests to Block Portal and uses Fortiguard Based ...
I'd like to know that too.Before restricting VPN access based on OS
version, it is necessary to know how may clients will be affected. I can
access Fortigate logs, but I cannot access VPN users forticlient
logs.Any idea is welcome!
Hello Johnharper,Thanks for your answer. I am looking for log management
in the reference manual, but i can't find it.Do you think you could help
me find the details in the reference manual?Thank you
Thanks for your clarification. Am I right if I say the following?DNS
Filter will redirect to a Block Portal any DNS request asking for
blacklisted botnet domain, independnetly of the DNS server
reputation.IPS will block DNS requests to a blacklisted ...
Hello, Thank you for your help. No EMS Manager at hand right
now.Security settings at th ensilo console shows the following policies,
and all of them are oset to "simulation":Execution
PreventionExfiltration PreventionRansomware PreventionDevice
Cont...
Thanks. I get "Unkonwn action 0"Fortigate1 $ diag firewall iprope lookup
10.187.1.100 12345 8.8.8.8 53 udp port2 Unknown action 0Maybe I need to
be administrator? I am on a readonly user