FortiGate II

Course Description

Fortinet is Award Winning Firewall Providing End-to- End Security Across the Entire Network Internal Segmentation, Perimeter Security, Cloud, Data Center Distributed or Small Business Deployment.

The Course Content Delivers Comprehensive Coverage on FortiGate NGFW Configuration and Troubleshooting. All Engineers Looking forward to Work on World best UTM Solution will Gain Tremendously from This Course.

Horizon Computers is Know to Deliver High Quality Training In the Field of Security Course contents are Designed by Experts Trainers to Provide Real Life Experience on Complex Setup. FortiGate Training is Delivered in Horizon Computers Vashi, Vile Parle and Pune Center



Course Audience:

  • Security engineers
  • Security administrators
  • Security operations specialists
  • Security analysts
  • Network engineers
  • Support staff

"Difficulty Level - Intermediate to Advance"

Course Pre-requisite:

  • OSI and TCP/IP Reference model
  • Data Encapsulation, Packet Format
  • IPv4/IPv6 Addressing Basics
  • L3 routing, Static, Dynamic
  • L2 Switching, Vlans, Trunk, SVI
  • Use of Packet Capture tools
  • Access Control List
  • NAT Basic
  • Fortigate I

Agenda

  • Routing
  • Virtual Domains
  • Transparent Mode and Layer 2 Switching
  • High Availability
  • Advanced IPsec VPN
  • Intrusion Prevention and Denial of Service
  • Fortinet Single Sign-On (FSSO)
  • Certificate Operations
  • Data Loss Prevention
  • Diagnostics
  • Hardware Acceleration
  • IPv6

Objectives:

  • Deploy FortiGate devices as an HA cluster for fault-tolerance and high performance
  • Inspect traffic transparently, forwarding as a Layer 2 device
  • Analyze a FortiGate's route table
  • Route packets using policy-based and static routes for multi-path and load-balance deployments
  • Connect virtual domains (VDOMs) without packets leaving the FortiGate
  • Implement a meshed / partially redundant VPN
  • Diagnose failed IKE exchanges
  • Fight hacking and denial of service (DoS)
  • Offer Fortinet Single Sign-On (FSSO) access to network services, integrated with Microsoft Active Directory
  • Inspect SSL/TLS-secured traffic to prevent encryption used to bypass security policies
  • Understand encryption functions and certificates
  • Defend against data loss by identifying files with sensitive data, and blocking them from leaving your private network
  • Diagnose and correct common problems
  • Optimize performance by leveraging the ASIC acceleration chips, such as CP or NPs, instead of only the CPU resources
  • Implement IPv6 and hybrid IPv4-IPv6 networks

Labs: 25 Labs

The Labs are Conducted in a Challenging Real Life Scenerio Consisting of DUAL ISP Multiple Security Segments having Various servers running Multiple Applications.