La descarga está en progreso. Por favor, espere

La descarga está en progreso. Por favor, espere

Introduction to Fortinet Unified Threat Management.

Publicada porOMAR Garcia Modificado hace 5 años

Presentaciones similares

Presentación del tema: "Introduction to Fortinet Unified Threat Management."— Transcripción de la presentación:

1 Introduction to Fortinet Unified Threat Management

2 Module Objectives By the end of this module participants will be able to: Identify the major features of the FortiGate Unified Threat Management appliance Access and use the FortiGate administration interfaces Create administrators Configure the FortiGate unit for the lab environment used to complete the hands-on exercises

3 Traditional Network Security Solutions Firewall Antivirus Antispam WAN Optimization Web Filtering Application Control Intrusion Prevention VPN

4 Traditional Network Security Solutions Firewall Antivirus Antispam WAN Optimization Web Filtering Application Control Intrusion Prevention VPN Many single purpose systems needed to cope with a variety of threats

5 Fortinet Solution Firewall Antivirus Antispam WAN Optimization Web Filtering Application Control Intrusion Prevention VPN and more…

6 Fortinet Solution Firewall Antivirus Antispam WAN Optimization Web Filtering Application Control Intrusion Prevention VPN and more… One device provides a comprehensive security and networking solution

7 Fortinet Solution Hardware Purpose-driven hardware

8 Fortinet Solution Hardware FortiOS Specialized operating system

9 Fortinet Solution Hardware FortiOS FirewallAV Web Filter IPS … Security and network-level services

10 Fortinet Solution Hardware FortiOS FortiGuard Subscription Services FirewallAV Web Filter IPS … Automated update service Click here to read more about the Fortinet solution

11 Fortinet Solution Headquarters Branch office Home office

12 Fortinet Solution Headquarters Branch office Click here to read more about the Fortinet solution

13 Home office Fortinet Solution Headquarters Branch office FortiGate platform Management, reporting and analysis appliances FortiGuard Subscription Services Click here to read more about the Fortinet solution

14 FortiGate Capabilities Firewall

15 FortiGate Capabilities Antivirus

16 FortiGate Capabilities Email filtering

17 FortiGate Capabilities Web filtering

18 FortiGate Capabilities Intrusion prevention

19 FortiGate Capabilities Application control

20 FortiGate Capabilities Data leak prevention

21 FortiGate Capabilities WAN optimization

22 FortiGate Capabilities Secure VPN

23 FortiGate Capabilities Wireless

24 FortiGate Capabilities Dynamic routing

25 FortiGate Capabilities Endpoint compliance

26 FortiGate Capabilities Virtual domains

27 FortiGate Capabilities Traffic shaping

28 FortiGate Capabilities High availability

29 FortiGate Capabilities Logging and reporting

30 FortiGate Capabilities Click here to read more about the capabilities of the FortiGate device Authentication

31 FortiGate Unit Components Intel CPU

32 FortiGate Unit Components FortiASIC content processor

33 FortiGate Unit Components FortiOS 4.0

34 FortiGate Unit Components DRAM and flash memory

35 FortiGate Unit Components Hard disk

36 FortiGate Unit Components Interfaces

37 FortiGate Unit Components Console port

38 FortiGate Unit Components USB port

39 FortiGate Unit Components WirelessModule slot bays PC card slot

40 Fortinet Appliances FortiAnalyzer FortiMail FortiManager FortiScan FortiBridge FortiCarrier FortiDB FortiWifi FortiWeb FortiSwitch FortiVoice FortiAP FortiGate-ONE FortiClient

41 FortiGuard Subscription Services

42 Device Administration Web Config CLI Click here to read more about using the CLI

43 Administrators Customized access Full access Read-only access Scope: VDOM or Global

44 Global Scope Super Admin Profiles

45 Admin Profiles System Configuration Network Configuration Firewall Configuration UTM Configuration VPN Configuration etc Read Read-Write Admin Profile

46 Administrators Full access within a single virtual domain Full access super-admin profile Custom access custom profile prof-admin profile

47 Administrator Authentication Username and Password (one factor) FortiToken (two factor) +

48 Device Configuration Setting *.conf

49 Device Configuration *.conf Device configuration settings can be saved to an external file Optional encryption The file can be restored to rollback device to a previous configuration SCP supported for configuration restore FortiGate unit acts as SCP server set admin-scp enable Example - Restore from Linux scp @ :fgt-restore-config

50 Per VDOM Configuration File

51 Configuration Restore using SCP Protocol Must rename to sys_config during upload scp admin@192.168.3.254:sys_config Full configuration file Includes all VDOMs

52 DHCP Server – IP Reservation

53 IP address reserved and always assigned to the same DHCP host Select an IP address or choose an existing DHCP lease to add to the reserved list Identify the IP address reservation as either DHCP over Ethernet or DHCP over IPSec MAC address of the DHCP host is used to look up the IP address in the IP reservation table DHCP Server – IP Reservation

54 FortiGate DNS Server Resolve DNS lookups from an internal network Methods to set up DNS for each interface: Relay DNS requests to the DNS servers configured for the unit Resolve DNS requests using a FortiGate DNS database Unresolved DNS requests are dropped Split DNS configuration DNS requests can be resolved using a FortiGate DNS database and any unresolved DNS requests can be relayed to DNS servers configured for the unit One DNS database can be shared by all the FortiGate interfaces If VDOMs are enabled, a DNS database needs be created in each VDOM

55 DNS Server Configuration DNS zones need to be added when configuring the DNS database Each zone has its own domain name DNS entries are added to each zone An entry includes a hostname and the IP address it resolves to Each entry also specifies the type of DNS entry IPv4 address (A) or an IPv6 address (AAAA) name server (NS) canonical name (CNAME) mail exchange (MX) name IPv4 (PTR) or IPv6 (PTR)

56 DNS Service Add a new DNS Service to an interface and select a mode: Recursive Non-recursive Forward to System DNS (forward-only) CLI equivalent: config system dns-server edit wan1 set mode recursive

57 DNS Zones Create a new zone (Master)

58 DNS Zones Create a new zone (Slave)

59 DNS Records Add DNS entries

60 Classroom Lab Topology

61 Labs Lab – Virtual Lab Environment Basics Logging in to the Virtual Lab Environment Click here for instructions on accessing the virtual lab environment Lab - Initial Setup Exploring the CLI Accessing Web Config Configuring Network Interfaces Configuring the FortiGate DNS Server Enabling DNS Recursive Configuring Global System Settings Configuring Administrative Users Click here for step-by-step instructions on completing this lab

62 Student Resources Click here Click here to view the list of resources used in this module

Descargar ppt "Introduction to Fortinet Unified Threat Management."

Presentaciones similares

Seguridad Integral en Tiempo Real

Seguridad Integral en Tiempo Real
PLEASE READ (hidden slide) This template uses Microsofts corporate font, Segoe Segoe is not a standard font included with Windows, so if you have not.

PLEASE READ (hidden slide) This template uses Microsofts corporate font, Segoe Segoe is not a standard font included with Windows, so if you have not.
Control en cascada.

Control en cascada.
Editing Slides With Polaris Office, you can create new .ppt and .pptx presentations or edit your presentation with ease.

Editing Slides With Polaris Office, you can create new .ppt and .pptx presentations or edit your presentation with ease.
Internet Red Modelo con productos Ansel A S B Ansel Smart Box A S B Ansel Smart Box.

Internet Red Modelo con productos Ansel A S B Ansel Smart Box A S B Ansel Smart Box.
NETGEAR: Business Solutions For Any Size Customer Switching Storage Wireless Security HOY : Howto VPN redundante.

NETGEAR: Business Solutions For Any Size Customer Switching Storage Wireless Security HOY : Howto VPN redundante.
Telling Time.

Telling Time.
DETECCIONES DE INTRUSIONES CON PROSECURE Netgear Solutions.

DETECCIONES DE INTRUSIONES CON PROSECURE Netgear Solutions.
CPU 8088 vs. Pentium TEEL 4011 Prof. Jaime José Laracuente-Díaz.

CPU 8088 vs. Pentium TEEL 4011 Prof. Jaime José Laracuente-Díaz.
Notes #18 Numbers 31 and higher Standard 1.2

Notes #18 Numbers 31 and higher Standard 1.2
Sistemas de Información Agosto-Diciembre 2007 Sesión # 3.

Sistemas de Información Agosto-Diciembre 2007 Sesión # 3.
Colocar la puerta de enlace en la barra de Direcciones del explorador.

Colocar la puerta de enlace en la barra de Direcciones del explorador.
La Programación de Sistemas Oscar José Luis Cruz Reyes

La Programación de Sistemas Oscar José Luis Cruz Reyes
DHCP, DNS, WINS. Repaso..

DHCP, DNS, WINS. Repaso..
Mi dormitorio My bedroom

Mi dormitorio My bedroom
WWW. WIRELESS WIFI Wireless-Fidelity Es un mecanismo de conexión de dispositivos electrónicos de forma inalámbrica.

WWW. WIRELESS WIFI Wireless-Fidelity Es un mecanismo de conexión de dispositivos electrónicos de forma inalámbrica.
¿Qué haces en la escuela? Question words, objects, yo-go’s.

¿Qué haces en la escuela? Question words, objects, yo-go’s.
Introducción Nivel 4. Modelo OSI Propiedades Nivel 4 Entrega de mensajes garantizada. Entrega de mensajes en el mismo orden en el que fueron enviados.

Introducción Nivel 4. Modelo OSI Propiedades Nivel 4 Entrega de mensajes garantizada. Entrega de mensajes en el mismo orden en el que fueron enviados.
CONJUGATION.

CONJUGATION.
Ing. Michael Puma Huanca

Ing. Michael Puma Huanca

Presentaciones similares

Anuncios Google