In this class, you will learn advanced FortiGate networking and security. Topics include features commonly in complex or larger enterprise/MSSP networks, such as advanced routing, transparent mode, redundant infrastructure, advanced IPsec VPN, IPS, SSO, data leak prevention, diagnostics, and fine-tuning performance.
Product version: FortiGate 5.2
This course is part of preparation for the NSE 4 certification exam.
After completing these courses, you will be able to:
• Deploy FortiGate devices as an HA cluster for faulttolerance & high performance
• Inspect traffic transparently, forwarding as a Layer 2 device
• Analyze a FortiGate’s route table
• Route packets using policy-based and static routes for multi-path and load-balance deployments
• Connect virtual domains (VDOMs) without packets leaving FortiGate
• Implement a meshed / partially redundant VPN
• Diagnose failed IKE exchanges
• Fight hacking & denial of service (DoS)
• Diagnose IPS engine performance issues
• Offer Fortinet Single Sign On (FSSO) access to network services, integrated with Microsoft Active Directory
• Inspect SSL/TLS-secured traffic to prevent encryption used to bypass security policies
• Understand encryption functions and certificates
• Defend against data leaks by identifying files with sensitive data, and blocking them from leaving your private network
• Diagnose and correct common problems
• Optimize performance by configuring to leverage ASIC acceleration chips, such as CP or NPs, instead of only the CPU resources
• Implement IPv6 and hybrid IPv4-IPv6 networks
Networking and security professionals involved in the design, implementation, and administration of a security infrastructure using FortiGate appliances. This course assumes knowledge of basic yet FortiGatespecific fundamentals. As a result, if you know about firewalls, but are new to Fortinet, we do not recommend that you skip FortiGate I.
Knowledge of OSI layers
Knowledge of firewalling concepts in an IPv4 network
Thorough understanding of all topics presented in the prerequisite FortiGate I course.
2. Virtual Networking
3. Transparent Mode
4. High Availability
5. Advanced IPsec VPN
8. Certificate Operations
11. Hardware Acceleration
3 (three) days.