FortiGuard Security 7.

I. Introduction and initial configuration :

1. ForiGuard Subscription services :

Package update : FortiGaurd Antivirus and IPS with TCP port 443 (SSL)
Live queries : FortiGuard Web Filtering , DNS Filtering and antispam
by proprietary protocol on UDP port 53 or 8888 and for https over
port 443, 53 or ;8888

2. Administration Methods :

CLI : Console, SSH, Telnet, Gui Widget

GUI : FortiExplorer, W<eb Browser (http, HTTPS)
SNMP and some other administrative protocols are also supported
but they are read -only, You can’t them for basic setup.

3. Basic CLI Commands :

Curtrent status of FortiGate : get system status

Attribute values for the system interface :
show full-configuration system interface <port>
non-default attribute values for the system interface :
show system interface <port>

4. Resetting a lost Admin Password :

User : maintainer and password : bcpd<serial-number>
Disable maintainer :
Console port :
Config sys global
Set admin-maintainer disable
end

5. FortiGate can use FortiPAM to automatically assign IP addresses.

 One-Arm Sniffer
Only available in CLI
Config system interface
Edit port <number>
Set ips-sniffer-mode enable
End

6. Link Aggregation : Increases redundancy for higher availability

7. FortiGate as a DNS Server mode :
 Forward : relay requests to the next server (in DNS settings)
 Non-recursive : use FortiGate DNS database only to try to resolve
 Recursive :use FortiGate DNS database fisrt, relay unresolve
II. Security Fabric
The security Fabric has the following attributes :

 Broad : it provides visibility of the entire digital attack surface to

better manager risk
 Integrated : it provides a solution that reduces the complexity of
supporting multiple point products.
 Automated : Threat intelligence is exchanged between network
components in real-time allowing for automated reponse to
threats.

VDOM mode :