Enterprise Firewall (NSE 7)

This course is intended for networking and security professionals involved in the administration and support of a security infrastructure using FortiGate appliances.

After completing this course, you will be able to:

• Monitor traffic passing through FortiGate
• Optimize FortiGate memory usage
• Diagnose using FortiGate tools such as the built-in sniffer and "diagnose debug flow" command
• Monitor statistics for user traffic, traffic shaping, user authentication, IPsec, web proxy, BGP, OSPF and HA
• Troubleshoot issues with conserve mode, high CPU, firewall policies, session helpers, user authentication, *IPsec, FortiGuard, UTM inspection, explicit web proxy, routing, and HA
• Describe the processing flow of FortiGate packet inspection
• Configure FortiGate for external BGP and OSPF

DAY ONE

Module 1: Security Fabric

• Configuring the Security Fabric
• Troubleshooting: Security Fabric
• Physical and logical topology views

Module 2: FortiOS Architecture

• System information

Module 3: System Troubleshooting

• Crash Logs

Module 4: Traffic and Session Monitoring

• Exploring the session table
• Troubleshooting: Connectivity issues

Module 5: Routing

• Failover of existing sessions
• Troubleshooting: Routing

DAY TWO

Module 6: FortiGuard

• Troubleshooting: Local FDS issue
• Troubleshooting: Rating lookups

Module 7: Central Management

• FortiManager and registration

Module 8: OSPF

• Configuring OSPF
• Troubleshooting: OSPF

Module 9: Web Filtering and Antivirus

• Configuring Web Filtering and AV
• Troubleshooting: Web Filetering
• Troubleshooting: Antivirus

DAY THREE

Module 10: IPS

• Configuring IPS
• IPS custom signatures

Module 11: BGP

• Configuring BGP
• Troubleshooting: BGHP neighbor
• Troubleshooting: BGP routing
• Configuring prefix lists

Module 12: IPsec

• Troubleshooting: IPsec
• VPN Manager

Module 13: Auto Discovery VPN

• Configuring ADVPN and IBGP
• Troubleshooting: OSPF and BGP

This course assumes advanced knowledge of networking and FortiGate-specific fundamentals. As a result, if you are new to FortiGate, we do not recommend that you skip FortiGate I and II.

The student should also possess:

• Knowledge of network protocols
• Knowledge of network security concepts
• FortiGate I AND FortiGate II (NSE 4)

You must have a computer with:

• High-speed Internet connection
• Up-to-date web browser
• PDF viewer
• Speakers / headphones
• Either: HTML 5 support or Up-to-date Java runtime environment (JRE) with Java plugin enabled in your web browser
• Wired Ethernet connection (not Wi-Fi) recommended. Firewalls including Windows Firewall or FortiClient must allow connections with the online labs.