FGT Overview and Design

This document provides an overview of Fortinet FortiGate Next-Generation Firewall training. It discusses the types of security solutions FortiGate provides including firewall, VPN, IPS, content filtering, and identity access control services. It also outlines FortiGate features, common deployment topologies, and how to design networks, routing, VPN, and security policies for FortiGate implementations. The document concludes by listing topics that will be covered in practical training videos.

Uploaded by

UmAiR A
Fortinet: FortiGate Next-Generation Firewall Training

www.routehub.net

Michel Thomatis, CCIE #6778
Chief Network Architect and Lead Trainer

Types of Security Solutions
• Firewall Services (1st Generation Services, NGFW Services)
    • Filtering based on Network, IP, Protocols
    • Filtering based on User Identity (External Security Control)
    • Filtering based on Applications, Micro-Applications, URL, OS, Web Browser, Device
• VPN Services
    • Site VPN (IPSec), Client VPN (IPSec, SSL)
• IPS Services (NGFW)
    • Passive, Active
• Content Filtering Services (NGFW)
    • Anti-Virus, Malware, URL
• Identity Access Control Services
    • User Identity, User Endpoint (Internal Security Control)
Fortinet: FortiGate Firewall Series
• Business Size | Performance | Port Capacity | Features
Fortinet FortiGate : Features
• Advanced Routing
• Security Policies
• NAT
• SSL Decryption/Inspection
• UTM (Anti-Virus, IPS, Application Control, Web Filter, Endpoint Control)
• Two Factor Authentication
• File Blocking
• Email Filter
• Client VPN
• Site VPN
• Traffic Shaping
• WAN Optimization
Design : Overview
Design : Topology & Deployment
• LAN or Data Center Topology
    • 1-Tier Topology (Collapsed Core)
    • 2-Tier Topology (Collapsed Core, Access)
    • 3-Tier Topology (Core, Aggregation, Access)
• Firewall Topology & Deployment
    • In-line between LAN/Data Center & Internet Edge
    • In-line between LAN/Data Center & Other network (e.g. Wireless)
Design : Networks
• WAN – Network connected to the external network (Internet cloud)
    • Public network – 172.31.106.0/29
• LAN – Network connected to the internal network
    • Transit to Internet Edge – 172.17.99.16/29
    • User Network – 172.17.101.0/24 (VLAN 101)
    • Server Network – 172.17.201.0/24 (VLAN 201)
• Guests & BYOD – a restricted network for guest and BYOD users
    • Guest/BYOD Wired – 172.17.11.0/24 (VLAN 11)
    • Guest/BYOD Wireless – 172.17.102.0/24 (VLAN 102)
• VPN – a network dedicated for VPN user access
    • Client Network – 172.17.250.0
Design : Routing
• Internal Routing – Routing between Internal network (LAN, Data Center) and Firewall
    • OSPF, RIP, Static
• External Routing – Routing between Internet and Firewall
    • Static, BGP
Design : VPN
• Client based VPN – VPN tunnel between the firewall and user’s computer/laptop
    • IPSec VPN, SSL VPN
• Site based VPN – VPN tunnel between two VPN devices (routers, firewalls)
    • IPSec VPN
Design : Security
• Basic Filtering
    • Filtering based on Network (Protocol, IP, Port)
    • Filtering based on User Identity (Active, Passive)
    • Filtering based on Device/Endpoint
    • Two-Factor Authentication using Tokens
• Advanced Filtering
    • Application Control (Filtering based on Application, Micro-Application)
    • IPS
    • Anti-Virus
    • Web Filtering (URL Filtering)
    • Endpoint Control
    • File Blocking
    • Traffic Shaping
Video Topics
Continue to practical videos