Proseth Informatics Center ×


FortiGate Level 1

Register Background

Register Now

Learn With IT Professional Instructor


Course Informations
Type: Course
Audience(s): IT Professionals
Technology: Fortinet
Delivery method: Classroom
Language(s): Khmer
Price : phone +855 70 30 40 92 / +855 11 93 62 08
Chart With Us
Class Start : October 6, 2019
Day & Time :

1:00 PM - 5:00 PM

Course Details

Course Description

You will learn how to use basic and advanced FortiGate features, including networking and security. In interactive labs, you will explore firewall policies, user authentication, SSL VPN, dial-up IPsec VPN, and how to protect your network using security profiles such as IPS, antivirus, web filtering, application control, and more. These administration fundamentals will provide you with a solid understanding of how to implement basic network security. Other topics include features commonly applied in complex or larger enterprise or MSSP networks, such as advanced routing, transparent mode, redundant infrastructure, site-to-site IPsec VPN, SSO, web proxy, and diagnostics.

Course Agenda

Module 1: Introduction to FortiGate and the Security Fabric

  • High-Level Features
  • Setup Decisions
  • Basic Administration
  • Built-In Servers
  • Fundamental Maintenance
  • FortiGate Within the Security Febric

Module 2: Firewall Policies

  • Firewall Policies
  • Configuring Firewall Policies
  • Managing Firewall Policies
  • Best Practices and Troubleshooting

Module 3: Network Address Translation (NAT)

  • Introduction to NAT
  • Firewall Policy NAT
  • Central NAT
  • Session Helpers
  • Sessions
  • Best Practices and Troubleshooting

Module 4: Firewall Authentication

  • Methods of Firewall Authentication
  • Remote Authentication Servers
  • User Groups
  • Using Firewall Policies for Authentication
  • Authenticating Through Captive Portal
  • Monitoring and Troubleshooting

Module 5: Logging and Monitoring

  • Log Basics
  • Local Logging
  • Remote Logging
  • Log Settings
  • View, Search, and Monitor Logs
  • Protecting Log Data

Module 6: Certificate Operations

  • Authenticate and Secure Data Using Certificates
  • Inspect Encrypted Data
  • Mange Digital Certificates in FortiGate

Module 7: Web Filtering

  • Inspection Modes
  • Web Filtering Basics
  • Additional Proxy-Based Web Filtering Features
  • DNS Filtering
  • Best Practices and Troubleshooting

Module 8: Application Control

  • Application Control Basics
  • Application Control Configuration
  • Logging and Monitoring Application Control Events
  • Best Practices and Troubleshooting

Module 9: Antivirus

  • Antivirus Basics
  • Antivirus Scanning Modes
  • Antivirus Configuration
  • Best Practices
  • Troubleshooting

Module 10: Intrusion Prevention and Denial of Service

  • Intrusion Prevention System
  • Denial of Service
  • Web Application Firewall
  • Best Practices
  • Troubleshooting

Module 11: SSL-VPN

  • Describe SSL-VPN
  • SSL-VPN Deployment Modes
  • Configuring SSL-VPNs
  • Realms and Personal Bookmarks
  • Hardening SSL-VPN Access
  • Monitoring and Troubleshooting

Module 12: Dialup IPsec VPN

  • IPsec Introduction
  • IKE Phase 1 and IKE Phase 2
  • Dialup IPsec VPN
  • Best Practices and VPN Logs

Module 13: Data Leak Prevention (DLP)

  • DLP Overview
  • DLP Filters
  • DLP Fingerprinting
  • DLP Archiving
  • Best Practices
Course Completion

After completing this course, students will be able to:

  • Deploy the appropriate operation mode for your network.
  • Use the GUI and CLI for administration.
  • Identify the characteristics of the Fortinet security fabric.
  • Control network access to configured networks using firewall policies.
  • Apply port forwarding, source NAT, and destination NAT.
  • Authenticate users using firewall policies.
  • Understand encryption functions and certificates.
  • Inspect SSL/TLS-secured traffic to prevent encryption used to bypass security policies.
  • Configure security profiles to neutralize threats and misuse, including viruses, torrents, and inappropriate websites.
  • Apply application control techniques to monitor and control network applications that might use standard or non-standard protocols and ports.
  • Fight hacking and denial of service (DoS).
  • Defend against data leaks by identifying files with sensitive data, and block them from leaving your private network.
  • Offer an SSL VPN for secure access to your private network.
  • Implement a dialup IPsec VPN tunnel between FortiGate and FortiClient.
  • Collect and interpret log entries.
  • Analyse a FortiGate’s route table.
  • Route packets using policy-based and static routes for multi-path and load balanced deployments.
  • Configure SD-WAN to load balance traffic between multiple WAN links effectively.
  • Inspect traffic transparently, forwarding as a Layer 2 device.
  • Divide FortiGate into two or more virtual devices, each operating as an independent FortiGate, by configuring virtual domains (VDOMs).
  • Establish an IPsec VPN tunnel between two FortiGate appliances.
  • Compare policy-based to route-based IPsec VPN.
  • Implement a meshed or partially redundant VPN.
  • Diagnose failed IKE exchanges.
  • Offer Fortinet Single Sign On (FSSO) access to network services, integrated with Microsoft Active Directory.
  • Deploy FortiGate devices as an HA cluster for fault tolerance and high performance.
  • Deploy implicit and explicit proxy with firewall policies, authentication, and caching.
  • Diagnose and correct common problems.
    Course Prerequisites

    Before attending this course, students must have:

    • Knowledge of network protocols
    • Basic understanding of firewall concepts
    • Knowledge of OSI layers
    • Knowledge of firewalling concepts in an IPv4 network

    Target audience

    Networking and security professionals involved in the management, configuration, design, implementation, administration and monitoring of FortiGate devices used to secure their organizations’ networks.

    Talk to us on these social networks:

    Register Now

    Learn With IT Professional Instructor


    Recommend Course
    CCNA Security : Implementing Cisco Network Security (IINS)

    CCNA Security : Implementing Cisco Network Security (IINS)

    HNTD-1: Huawei Network Technology and Device Training –Part 1

    HNTD-1: Huawei Network Technology and Device Training –Part 1

    CCNP TSHOOT : Troubleshooting and Maintaining Cisco IP Network

    CCNP TSHOOT : Troubleshooting and Maintaining Cisco IP Network

    CCNP SWITCH : Implementing Cisco IP Switched Networks (SWITCH)

    CCNP SWITCH : Implementing Cisco IP Switched Networks (SWITCH)