Fortigate how to verify that IPS is actually working

Is your IPS actually doing what you expect? You have to test your configurations, especially with the Intrusion Prevention System, which demands not only On/Off switch, but also tuning or it may become useless. With AntiVirus we have Eicar fake virus on eicar.org to download. With IPS there …



Fortigate to Fortimanager management tunnel connection debug how-to

When the policy install fails on Fortimanager, it may mean many things as the process is quite complex with database/policy verification. But frequently, it happens because the communication tunnel between Fortimanager and Fortigate is down. The tunnel works on port 514, is encrypted (so we cannot see the contents …



Fortiweb Cookbook: Most Basic Setup - One website, add HTTPS support, Round Robin load balancing between two physical servers, all protections on Alert only, Host header filtration

Task: Taking the basic setup a step further, let's enable HTTPS protocol between clients and Fortiweb for the yurisk.com. Solution. Step 1. Create certificate signing request (CSR) to use in issuing the SSL certificate. I will use Ubuntu server. It does not have to be a server actually hosting …



Fortiweb Cookbook: Basic setup - adding web site access authentication with local and remote (LDAP) users

Task: Continuing the Basic setup, we want to protect access to some pages, namely the root document "/" and "/treasure" with username and password. For this we want 2 kinds of users: local created on the Fortiweb, and remote residing in the Active Directory of the company. Even though it is …



Fortigate Local in Policy what it does and how to change/configure it

Fortigate comes with some services allowed in incoming direction, even without any configuration done by you. Important to note is that in such pre-configured security rules the destination is mostly the Fortigate itself, sometimes its specific interfaces, sometimes all of the interfaces. That is, this does not allow access though …



Fortiweb Cookbook: Most Basic Setup - One website, HTTP only, Round Robin load balancing between two physical servers, all protections on Alert only, Host header filtration

Task: publish website yurisk.com, hosted on 2 physical servers: server1 (10.10.10.13) and server2 (10.10.10.14). The site should be available on HTTP only, no HTTPS. Apply preconfigured protection Inline Alert Only. The website's IP address visible to clients is 192.168.13.92. Solution …



Fortigate virtual IP server load balancing configuration and debug

The general workflow is: Facts to know: Available server types: http, https, imaps, pop3s, smtps, ssl, tcp, udp, ip Server types ssl, https and all the SSL based ones are available in Proxy inspection mode of the Fortigate only. Only starting with FortiOS 6.2.1 https load balancing supports …



Fortigate DoS/DDoS sensor/policy rules configuration and verification

Facts to know: You use Dos protection by creating Dos policy (Policy & Objects -> IPv4/Ipv6 DoS Policy) in which you enable/modify anomalies. The list of anomalies is pre-set in any policy you create. You only have the choice which ones to enable and which ones not to. All anomalies …



AWS cli cookbook

Get a list of all the buckets under user account Recursively list contents of a given bucket yurisk.info Recursively list contents of a given bucket printing sizes in a friendly format List contents of a bucket, add summary for number of objects and their total size Get access-list associated …



RAD ETX 203, 205, 220 debug and information commands

Table of Contents Cheat sheet of debug commands Examples show configure port summary show config port eth 4/2 status show config port eth 4/1 statistics Measuring the traffic rate passing the interface Run ping between 2 ETXes show config system system-date show configure flows summary brief show configure …