FortiGate

Fortinet Certified Network Security Administrator

Objectives

The Fortinet Certified Network Security Administrator designation certifies that individuals have the expertise necessary to manage the day-to-day operations of FortiGate devices in support of specific corporate policies. Certification not only enriches an individual’s professional development, but it also offers many benefits to an organization by providing a reliable benchmark to evaluate skills and knowledge. Individuals with the FCNSA designation need to have a solid understanding of the day-to-day configuration and monitoring of FortiGate devices as well as a general understanding of the entire Fortinet product family of services and hardware.

Through this training, participants learn the basic configuration and administration aspects of the most commonly used features on the FortiGate Unified Threat Management (UTM) Appliance. Through interactive modules, participants explore firewall policies, user authentication, VPNs, virus detection, email filtering, web filtering, application control and more. FortiGate unit administrative fundamentals provide a solid understanding of how to integrate and ensure operational maintenance for optimal performance in the corporate environment.


Prerequisites

  • Introductory-level network security experience
  • Basic understanding of firewall concepts

Who Should Attend

This introductory-level course is intended for anyone who is responsible for the day-to-day administration and management of a FortiGate unit. Students must be familiar with the topics presented in this course before attending the FortiGate Multi-Threat Security Systems II – Secured Network Deployment and IPSec VPN course.

FCNSA Syllabus:

Introduction to Fortinet Unified Threat Management


  • Introduction to Unified Threat Management
  • The Fortinet Solution
  • FortiGate Appliance Capabilities and Components
  • Device Administration (Firmware Upgrade, Downgrade)
  • Administrator Users
  • Initial Device Configuration (IPs, Gateway, DHCP, DNS)

Logging and Monitoring


  • Logging Severity Levels
  • Log Storage Locations
  • Log Types and Subtypes
  • Structure and Behavior of Logs
  • Traffic Log Generation
  • Viewing Logs (Log Viewer Filtering, Raw Logs)
  • Alert Email
  • SNMP
  • Event Logging
  • Monitoring
  • Customizing Status Widgets (GUI)

Firewall Policies


  • Firewall Policies (Types, Subtypes, Actions)
  • Log Storage Locations
  • Device Identification (Bring Your Own Device – BYOD)
  • Firewall Address Objects, Interfaces, Service Objects
  • Traffic Logging
  • Network Address Translation (Source NAT)
  • NAT Dynamic IP Pool (Source NAT)
  • Central NAT
  • Traffic Shaping
  • Source NAT IP Address and Port
  • Fixed Port (Source NAT)
  • Virtual IPs (Destination NAT)
  • Threat Management
  • Denial of Service Policies
  • Endpoint Control
  • Firewall Policy Object Management (Object Tagging)
  • Monitoring Policies

Local User Authentication


  • Local User Authentication
  • User Authentication via Remote Server
  • User Authentication Groups
  • Identity-Based Policies
  • Disclaimers
  • Password Policies
  • Two-Factor Authentication
  • Policy Configuration
  • User Monitor

SSL VPN


  • Virtual Private Networks
  • FortiGate Device VPNs
  • SSL VPN Operating Modes (Web-Only, Tunnel)
  • User Groups
  • Authentication
  • SSL VPN Server Certificate
  • Encryption Key Algorithm
  • Web Portal Interface
  • Full-Access Web Portal Interface
  • Tunnel Mode Split-Tunnelling
  • Client Checking (Integrity Checks, Host Checks)
  • Tunnel Mode Connection
  • Client Port Forward
  • Policy De-Authentication
  • Access Modes (Web Mode, Tunnel Mode, Port Forward Mode)
  • SSL VPN Configuration

IPSec VPN


  • IPSec VPN
  • Internet Key Exchange
  • Defining Phase 1 and Phase 2
  • Parameters
  • IPSec VPN Modes (Interface Mode, Tunnel Mode)
  • Overlapping Subnets
  • IPSec Topologies
  • IPSec VPN Monitor
  • IPSec VPN Configuration

Antivirus


  • Conserve Mode
  • Antivirus Fail-Open
  • Antivirus Overview
  • Scanning Order
  • Proxy-based Scanning
  • Flow-based Scanning
  • Virus Databases
  • Unknown and Known Viruses
  • Heuristic Scanning
  • Antivirus Profiles
  • UTM Proxy Options
  • Quarantine
  • Logging

Email Filtering


  • Email Filtering
  • Spam Actions
  • Email Filtering Methods
  • Email Filtering Order of Operations (SMTP)
  • Email Filtering Order of Operations
  • FortiGuard IP (Address, URL, Email Address and Email Checksum Check)
  • IP Address Black/White List (BWL)
  • Email Address Black/White List
  • HELO DNS Lookup
  • Return Email DNS Check
  • Banned Word Check
  • MIME Headers Check
  • DNSBL and ORDBL Check
  • Dealing with False Positives
  • FortiGuard Email Filtering Options
  • Email Filter Profile

Web Filtering


  • Web Filtering Overview
  • Types of Web Filtering (Proxy-based, Flow-based, DNS-based)
  • Web Filtering Activation
  • HTTP Inspection Order
  • Web Content Filtering
  • Web URL Filtering
  • Forcing Safe Search
  • FortiGuard Category Filter
  • FortiGuard Caching, Usage Quotas, Rating Submissions and Rating Overrides
  • Local Categories
  • Filtering Actions (Warning, Authenticate)
  • Web Filter Profiles

Application Control


  • Application Control
  • Application Control Overview
  • Application Control Lists
  • Application Control Profiles
  • Order of Operations
  • Implicit Rules
  • Creating Filter Rules
  • Application Categories
  • Proper Identification
  • Functional Overview (Under the Hood)
  • Peer-to-Peer Detection