Академический Документы
Профессиональный Документы
Культура Документы
Course Overview
FortiGate Multi-Threat Security Systems I is a 2-day instructor-led training course that
provides a comprehensive foundation of configuration and troubleshooting knowledge which prepares you for the day-to-day management of FortiGate Unified Threat Management appliances. Through extensive hands-on labs, students work through a real-world configuration example that employs the most common features applicable to enterprises of all sizes. Participants also gain a solid understanding of how to integrate FortiGate UTM security appliances into their existing environment, and the operational maintenance involved to ensure optimal performance and protection of their corporate assets.
Course Objectives
Upon completion of this course, students will be able to:
o
Use the GUI and CLI to complete administration and maintenance tasks for FortiGate UTM appliances including: system settings and network configuration; creation of administrative accounts; system back-ups; the monitoring of system alerts, device performance and operational status; FortiGuard Distribution Network Services and updates; and firmware management to ensure availability and reliability. Implement logging and monitoring features of the FortiGate device using the FortiAnalyzer appliance for content archive and reporting. Construct firewall policies with content inspection, scheduling, source and service type restrictions, and log unauthorized traffic. Apply firewall policy options for authentication, virtual IP access, IP pool and traffic shaping. Create Firewall protection profiles to implement FortiGate Antivirus features such as file pattern blocking, grayware scanning, file quarantine, and antivirus scanning. Configure antispam filtering using both subscription based FortiGuard Antispam Service and banned word methods. Use FortiGate Web filtering features including URL filtering, content blocking and the FortiGuard Web Filtering Service.
Fortinet, Inc. 1090 Kifer Road | Sunnyvale, CA 94086 | USA Training Services: (613) 225-9381 Fax: (613) 225-2951 training@fortinet.com
Configure content archiving and filtering of Instant Messaging and Peer-to-Peer traffic. Understand the differences between NAT/Route and Transparent operational modes of the FortiGate appliance.
Products Used
o
Products Trained On
o
Prerequisites
o o
Intermediate level network security experience Understanding of core network security and firewall concepts
Certification
This course helps to prepare students for the following certification exams:
Fortinet Certified Network Security Associate (FCNSA) Fortinet Certified Network Security Professional (FCNSP)
Course Topics
AGENDA - Day 1 Module 1 Overview and System Setup
Administrative Access System Dashboard Network Topology Interface IP Addressing DHCP Server/Relay Static Routes CLI Overview FortiGuard Distribution Network
System Log Settings Log Message Priorities Event Logging Content Inspection Logging Traffic Logging Viewing Log Files Content Archiving Alert Email FortiAnalyzer Appliance SNMP
Module 3 Maintenance
Configuration Backup Fortinet Support Registration FortiGuard Distribution Network Antivirus and IPS Signature Updates Firmware Maintenance, Upgrades and Dual Image Support FortiGuard Center System Health Monitoring Firewall Session Table
Firewall Policies Overview Stateful Inspection Firewall Addresses IP/Range and FQDN Firewall Services Overview Firewall Services Custom Firewall Schedules
Fortinet, Inc. 1090 Kifer Road | Sunnyvale, CA 94086 | USA Training Services: (613) 225-9381 Fax: (613) 225-2951 training@fortinet.com
Authentication User/Server Authentication Methods o Local o RADIUS o LDAP o FSAE o X.509 Certificates Authentication Services o Firewall Policies o SSL VPN o IPSec VPN o PPTP and L2TP o Administrative Login o FortiGuard Web Filtering Override
Firewall Policy: Standard, IP Pool and Fixed Port Virtual IP: Static NAT and Load Balancing Differentiated Services Traffic Shaping and Priorities Protection Profiles
Antivirus Overview Engine and Signature Updates Antivirus Scanning Antivirus Engine Scanning Non-Standard Ports Command Triggers Heuristics Replacement Messages Grayware/Spyware File Pattern Block/Allow Client Comforting
Fortinet, Inc. 1090 Kifer Road | Sunnyvale, CA 94086 | USA Training Services: (613) 225-9381 Fax: (613) 225-2951 training@fortinet.com
Fortinet, Inc. 1090 Kifer Road | Sunnyvale, CA 94086 | USA Training Services: (613) 225-9381 Fax: (613) 225-2951 training@fortinet.com
Email Basics Antispam Filtering Overview FortiGuard Antispam Service Banned Word Check Black/White List HELO DNS Lookup Return Email DNS Check DNSBL
Web Filtering Overview URL Filtering Content Blocking Content Exemption FortiGuard Web Filtering Service o Configuration o Local Rating o Local Categories o Override o Processing o Image Rating
FortiGate SSL VPN Gateway Types of SSL VPN SSL VPN Configuration Web Portal Features Web Portal Configuration Web Portal Interface Tunnel Mode Features
Fortinet, Inc. 1090 Kifer Road | Sunnyvale, CA 94086 | USA Training Services: (613) 225-9381 Fax: (613) 225-2951 training@fortinet.com
Client Integrity Checking Tunnel Mode Configuration User Experience of Tunnel Mode What about IPSec?
Fortinet, Inc. 1090 Kifer Road | Sunnyvale, CA 94086 | USA Training Services: (613) 225-9381 Fax: (613) 225-2951 training@fortinet.com