In this, 1st part of tutorial series, I will show how to enable remote access to API on Checkpoint Management Server, verify that it is running and is indeed enabled for remote access, and create first Network object - Host via HTTP request. All this I will do in Postman software …

Table of Contents General Health Communication debug Logs from devices Licensing Example debug session on Fortianalyzer Show connected to the FAZ devices General state of FAZ (version, serial, HA status, license status) Performance stats (appliance FAZ will have more data) Running processes and CPU load Logging devices with quotas for …

In this short visual guide I will show how to create a custom report from your own SQL query in Fortianalyzer. Fortianalyzer comes with plethora of datasets and reports defined - more than 800. My issue with all of them - they are overly complex and are geared more towards C-level management …

On 30th of March Fortinet released FortiOS 7.0 for all the supported models (alas, many D series Fortigates like 500D, are not supported), and here is the visual walkthrough of changes that can be seen in GUI. Note All the videos below come without sound. New color themes were …

Update August 2022: All the said below is still true, but starting with FortiOS 7.2.1 the process of issuing the evaluation license has changed. So, after reading this article, make sure to read this one as well: Fortigate free VM Evaluation License is now permanent, not limited to …

Fortiguard is a subscription based service from Fortinet, where your Fortigate queries their servers in real-time for various services: Periodic checking of Fortigate subscription/license validity for Web Filtering/AppControl/AntiVirus/AntiSpam/DNS Filtering. Real-time querying for visited by users web sites rating. Periodic signatures updates for IPS/AppControl/AntiVirus …

Around 50,000 Fortigate VPN accounts from around the globe were leaked to the public Internet last week. Not really news anymore, you can learn details elsewhere. What I asked myself about that was – is there anything to be done to prevent or lower the damage of such vulnerabilities? The …

Table of Contents Introduction Start nfcapd netflow collector in a daemon mode listening on port 5001 with all extensions enabled and saving received netflow data into the named folder NFS-cisco-rtr. Accept netflow records only coming from the sender with the IP of 13.13.13.137 Read and print all …

Recently I had the opportunity to configure an external threat feed as a block list for the Fortigate and was pleasantly surprised by how much simpler it has become. Task at hand: Block incoming connections sourced from IP addresses supplied as a list by a 3rd party commercial Threat Intelligence …

The guest user accounts are special in Fortigate and unlike regular local Firewall user accounts. The flow of creating them is: Let's configure it. First, you create Groups, which serve, in this case, as a template for various parameters users can/must have later: User & Device -> User Groups -> New .. -> Type …