Professional Documents
Culture Documents
Fortigate Ii: Instructor Guide For Fortigate 5.4.1
Fortigate Ii: Instructor Guide For Fortigate 5.4.1
Instructor Guide
for FortiGate 5.4.1
Product Version
Product Version
This training covers FortiGate 5.4.1.
The FortiGate II course is the second part of the two-part NSE 4 curriculum. It can be delivered as an
instructor-led course, or it can be taken online. This course includes a facilitated lab. This course may
be delivered as part of a custom, private training engagement.
See the course descriptions for the lessons, and the course goals and objectives.
What’s new
This section highlights some of the key changes in this update of the FortiGate II course.
General Changes
16X9 layout for slides, which is better displayed in modern screens.
Quizzes have been added to FLC using Quizmaker. This provides direct feedback with references
to source slides.
The Firewall Policies lesson has been divided into two lessons:
o Firewall Policies
o Network Address Translation (NAT)
FortiGate inspection mode is chosen at the VDOM level – proxy-based or flow-based.
The student guide includes labs that are divided into exercises, and the exercises are divided into
procedures.
o Each procedure contains a short list of steps, and a description that explains what the student
will do and why.
The GUI settings are now shown in bold.
Changes in Lessons
This section provides details about changes and new feature information added to specific lessons.
Lesson 1 - Routing
New Features/Content
Static routes with named addresses were added.
Internet services were added.
A debug command for listing the inactive routes was added.
Packet sniffer was added.
Lesson 7- FSSO
New Feature/Content
WMI pooling mode was added.
New Feature/Content
Certificate-based authentication for users and administrators was added.
HPKP
An introduction to certificate authentication for SSL and IPsec VPNs was added.
A new action for accepting untrusted certificates was added.
Lesson 9- DLP
The manual document fingerprinting feature was removed in FortiOS 5.4.1. It was replaced by
network share for fingerprinting.
Wi-Fi is not recommended due to packet loss. Firewalls (including FortiClient and Windows Firewall)
must allow connections with the virtual lab.
Students must be able to reach both the virtual lab hosted by Microtek/Hatsize (connectivity details are
in the Student Guide) and the Learning Management System (LMS).
(https://gm1.geolearning.com/geonext/fortinet/myhome.geo). From the LMS, students can download a
copy of the Student Guide for labs and exam study/preparation. They may also be able to view an
alternative video of the presentation.
Item Amount
Lab Setup
FortiGate VMs in the virtual lab are running FortiGate 5.4.1.
The lab topology is described in the Virtual Lab Setup Guide for FortiOS 5.4.1, and the FortiGate I
Student Guide for FortiGate 5.4.1.
Materials and System Requirements
Class Size
The recommended class size for this course is 12 participants; however, smaller or larger class sizes
numbers are permitted.
Time to Complete
Time to Complete
Schedules may vary by region and customer, but assuming a 9am to 5pm day with one hour for
breaks, there is a seven-hour study day. There are 12 lessons to deliver in this three-day course.
Try to avoid lectures longer than 30 minutes. Break lessons into two segments, if necessary..