The Data Security Company
More maxtec at maxtec.co.za!

News and Events

  • Fortinet TrainingFortinet Training

    Two day course focussing on Fortigate multi-threat security systems administration, content inspection and basic VPN… »

  • Allot TrainingAllot Training

    ALLOT TRAINING Maxtec would like to invite our Customers to Allot Training @ our Johannesburg… »

Latest on Twitter

Training


FortiGate Multi-Threat Security Systems I (Administration, Content Inspection and SSL VPN) click here

FortiGate Multi-Threat Security Systems II (Secured Network Deployment and IPSec VPN) click here

FortiGate Multi-Threat Security Systems I Administration, Content Inspection and SSL VPN

Course 201 v4.1 (for FortiOS 4.0 MR2)

Course Overview

The Administration, Content Inspection and SSL VPN course is available as a 2-day instructor-led course (public class or private on-site session), or a self-paced training course. The course provides an introduction to the configuration and administration of the FortiGate Unified Threat Management appliance.

Through a variety of hands-on labs, students will learn about the most commonly used features of the FortiGate unit.

Participants will gain a solid understanding of how to integrate the FortiGate unit into their existing environment, and the operational maintenance involved to ensure optimal performance and full protection of their corporate assets.

Course Objectives

Upon completion of this course, students will be able to:

Describe the capabilities of the FortiGate Unified Threat Management appliance.
Use Web Config and CLI to complete administration and maintenance tasks.
Understand the basic differences between the NAT/Route and Transparent operational modes.
Implement logging to a FortiAnalyzer appliance.
Construct firewall policies to control traffic passing through the FortiGate unit.
Define identity-based policies for authentication.
Implement SSL VPNs to offer secure access to private networks.
Configure updates to the FortiGuard Subscriptions Services.
Implement threat management filtering including antivirus, email filtering, web filtering, data leak prevention, application control and endpoint control.
Introductory-level network security experience
Basic understanding of core network security and firewall concepts

Prerequisites:

Introductory-level network security experience
Basic understanding of core network security and firewall concepts
Self-Paced Training Requirements:
FortiGate SOHO-level device (FortiGate110C and lower)
FortiOS 4.0 MR2 firmware
Valid FortiGuard Subscription Services license
Available serial port on PC/laptop or USB to serial adaptor
Internet connectivity

Who Should Attend

This introductory-level course is intended for anyone who is responsible for the day-today administration and management of a FortiGate unit. Students must be familiar with the topics presented in this course before attending the FortiGate Multi-Threat Security Systems II – Secured Network Deployment and IPSec VPN course.

Certification

This course helps to prepare students for the following certification exams:

Fortinet Certified Network Security Associate (FCNSA)
Fortinet Certified Network Security Professional (FCNSP)

Course Topics

AGENDA – Day 1

Lesson 1 – Overview and System Setup
Unified Threat Management
The Fortinet Solution
Firewall Basics
FortiGate Capabilities and Components
Device Administration
Lesson 2 – Logging and Alerts
Logging Levels
Log Storage Locations
Log Types
Viewing Log Files
Content Archiving
Alert Email
SNMP
Reporting using a FortiAnalyzer device
Lesson 3 – Firewall Policies
Policy Matching
Firewall Policy Elements
Identity-Based Policies
Threat Management
Traffic Shaping
Load Balancing
Lesson 4 – Authentication
Authentication Methods
Authenticated Operations
Users and User Groups
Identity-Based Policies and Authentication Rules
Monitoring Firewall Authentication

AGENDA – Day 2
Lesson 5 – SSL VPN
FortiGate VPN
SSL VPN Operating Modes
User Groups
Portals
SSL VPN Firewall Policies
Lesson 5 – SSL VPN
FortiGate VPN
SSL VPN Operating Modes
User Groups
Portals
SSL VPN Firewall Policies
Lesson 6 – FortiGuard Subscription Services
FortiGuard Distribution Network
FortiGuard Antivirus Service
FortiGuard Intrusion Prevention System Service
FortiGuard Web Filtering Service
FortiGuard Antispam Service
FortiGuard Vulnerability Management Service
FortiGuard Subscription Services Licensing
Updating Antivirus and IPS Services
Web Filtering and Antispam Options
FortiGuard Center
Lesson 7 – Threat Management
Content Scanning Techniques
Threat Management Architectural Components
Lesson 8 – Antivirus
Virus Types
Antivirus Elements
File Filters
Virus Databases
Grayware
Quarantine
Antivirus Profiles
Lesson 9 – Email Filtering
Email Filtering Actions
Email Filtering Methods
FortiGuard Email Filters
Banned Word
IP Address Filtering
Email Address Filtering
Multipurpose Internet Mail Extensions (MIME) Headers Check
DNS Blackhole List and Open Relay Database List
Email Filter Profiles
FortiMail Email Filtering
Lesson 10 – Web Filtering
Web Filtering Elements
URL Filter
FortiGuard Web Filter
Web Filtering Overrides
Local Ratings
Local Categories
Web Content Filter
Web Filter Profiles
Lesson 11 – Data Leak Prevention
Monitored Data Types
Data Leak Preventions Rules
Data Leak Prevention Sensors
Lesson 12 – Application Control
Application Types
Application Control Lists
Lesson 13 – Endpoint Control
Endpoint Network Access Control
Application Sensors
Endpoint NAC Profiles
Vulnerability Scanning
Monitoring Endpoints

FortiGate Multi-Threat Security Systems II Secured Network Deployment and IPSec VPN

Course 301 v4.1 (for FortiOS 4.0 MR2)

Course Overview

The Secured Network Deployment and IPSec VPN course provides 3 days of instructor-led training (in a public or private on-site class setting) where participants will gain a comprehensive understanding of the advanced networking and security features of FortiGate Unified Threat Management security appliances.

Hands-on labs allow students to perform the tasks associated with the configuration and troubleshooting of virtual domains, routing, WAN optimization, high availability, IPS, authentication and IPSec VPNs.

This course demonstrates features that can be easily adapted when planning a secure network deployment using FortiGate Unified Threat Management appliances.

This advanced-level course is a continuation of the topics discussed in FortiGate MultiThreat Security System I – Administration, Content Inspection and SSL VPN (Course 201).

Course Objectives

Upon completion of this course, students will be able to:

Construct virtual domains and configure inter-VDOM routing.
Use the built-in FortiOS diagnostic tools for troubleshooting and performance monitoring.
Enable logging to a FortiAnalyzer device.
Configure static and policy routing.
Implement FortiGate traffic optimization techniques.
Configure IPS protection to protect network resources from attack.
Control access to network resources by enabling LDAP or Directory Services authentication.
Debug IKE exchanges to troubleshoot connection negotiations.
Create IPSec VPNs to permit client access to a FortiGate VPN gateway.
Set up a high availability cluster configuration.

Products Used in This Course

FortiGate, FortiAnalyzer and FortiClient

Prerequisites

Previous experience working with the FortiGate Unified Threat Management device.
Solid knowledge of the Web Config administrative interface and the FortiGate Command Line Interface.
Knowledge of dynamic routing protocols, IPSec VPNs, and intrusion detection concepts.
Completion of FortiGate Multi-Threat Security System I – Administration, Content Inspection and SSL VPN (Course 201) is highly recommended.

Who Should Attend

This course is intended for networking professionals involved in the design and implementation of a security infrastructure using FortiGate Unified Threat Management appliances. This advanced-level course is a continuation of the topics discussed in FortiGate Multi-Threat Security System I – Administration, Content Inspection and SSL VPN (Course 201). Content in the 301 course is geared to professionals with a sound knowledge of the concepts involved in the operation of a FortiGate device. It is assumed that students are familiar with the topics presented in the 201 course.

Certification

This course helps to prepare students for the following certification exam:

Fortinet Certified Network Security Professional (FCNSP)

Course Topics

AGENDA – Day 1

Lesson 1 – Virtual Networking
VLANs on a FortiGate Unit
Global and Virtual Domain Configuration Settings
Configuring Virtual Domains
Inter-VDOM Links
Lesson 2 – Diagnostics
Diagnostic commands
Self Help Options
Lesson 3 – Routing
NAT/Route Mode
Static Routes
Policy Routes
Dynamic Routing
Routing Information Protocol
Open Shortest Path First
Border Gateway Protocol
Multicast Routing

AGENDA – Day 2

Lesson 4 – Traffic Optimization
FortiGate WAN Optimization Techniques
Configuring WAN Optimization
Configuring Web Cache
WCCP v2 Support
Monitoring WAN Optimization
Lesson 5 – Intrusion Prevention System
IPS Signatures
IPS Sensors
Attack Types
Monitoring IPS Attacks
Lesson 6 – LDAP Authentication
Directory Configuration
LDAP Authentication
Lesson 9 – Directory Services Authentication
Fortinet Server Authentication Extensions
Configuring FSAE on Windows Active Directory
Configuring FSAE on FortiGate Units

AGENDA – Day 3

Lesson 9 – IPSec VPN
IPSec Architecture
IPSec Protocols
Internet Key Exchange
IPSec VPN Modes
Configuring IPSec VPN
Internet Browsing
IPSec VPN Monitor
Overlapping Subnets
IPSec Debugging
VPN Troubleshooting Tips
Lesson 10 – High Availability
High Availability Clusters
High Availability Modes of Operation
Active-Passive
Active-Active
FortiGate Clustering Protocol
Virtual Addresses
FGCP Heartbeat
Heartbeat Interfaces
HA Configuration Synchronization
Load Balancing
Failover
Virtual Clustering
Session Synchronization
Lesson 11 – Transparent Mode
Operating Modes
Ethernet Frame and VLAN Tags
VLANs on a FortiGate Unit Operating in Transparent Mode
Transparent Bridge
Broadcast Domains
Forwarding Domains
Spanning Tree Protocol
Link Aggregation

back to top