This video shows a simple firewall policy rule you can apply to your fortigate firewall to protect your network from a significant amount of malicious traffic.
Жүктеу.....
Пікірлер: 17
@987CAYMAN07 Жыл бұрын
thanks, using this to train our users. Great narration!
@user-pk9mg2lr4e5 ай бұрын
Thanks dude. I wish you were making more of these videos.
@Anodynus76 ай бұрын
just applied to prod. thanks and looking forward to more!
@adolfofioranelli5 ай бұрын
Thanks! Nice Policy
@networkn23 күн бұрын
Dude, this is awesome. I'd love you to share more of your knowledge.
@user-vh8bp2gd3p Жыл бұрын
This helps a lot! thanks
@NoneRain_Ай бұрын
thanks mate
@tomisac18099 ай бұрын
That is great
@TheHabibalby6 күн бұрын
Excellent tip, thanks for sharing it. Just one question with regards to the source address, any reason why you have selected all your vLAN/Addresses instead of All -> SpamDestination = Deny?
@vijay85cisco Жыл бұрын
thks.. but this video shows outbound connection from DC to the internet... what about securing malicious in traffic from internet to DC all VLANs
@cmonwork
11 ай бұрын
Firewall has implicit deny for any traffic that comes from outside. Unless you have changed this by simply adding WAN as your source int and your internal interface as dest int. If you are referring to: what happens if a user tries to download a virus, When you create a security policy to allow outbound traffic from the internal network to the WAN, and if you have applied the antivirus security profile to that policy, it will protect against downloading malware or virus-infected files from the Internet to your internal network.
@tonysfortinetchannel
7 ай бұрын
The basic rule of a firewall is to block traffic. So any attempts to connect to this firewall from outside to inbound is automatically blocked, unless a policy is created to allow it.
@janoliver8713
4 ай бұрын
I know that there is an implicit deny rule at the bottom, but I am always doing a similar rule with known bad categories (and also with added third party feeds of known bad IP) an place it as the first firewall policy. It adds a little more security and it prevents known bad IP’s to hit your allowed inbound rules, e.g. a webserver.
@zahraaelsayed7154 Жыл бұрын
i'm don't have licence for this fortigate
@tonysfortinetchannel
7 ай бұрын
This is a next-gen Firewall which requires a subscriptions in order to keep up to date with worldwide threat intelligence. Threats are being created all the time, everyday. A subscription on your firewall allows it to receive this intelligence as soon as it's available. It's not enough to do classic firewall anymore. Threat intelligence is KEY to your firewall's ability to protect it's network from attacks. New Botnet domains are being created literally every moment of every day.
Пікірлер: 17
thanks, using this to train our users. Great narration!
Thanks dude. I wish you were making more of these videos.
just applied to prod. thanks and looking forward to more!
Thanks! Nice Policy
Dude, this is awesome. I'd love you to share more of your knowledge.
This helps a lot! thanks
thanks mate
That is great
Excellent tip, thanks for sharing it. Just one question with regards to the source address, any reason why you have selected all your vLAN/Addresses instead of All -> SpamDestination = Deny?
thks.. but this video shows outbound connection from DC to the internet... what about securing malicious in traffic from internet to DC all VLANs
@cmonwork
11 ай бұрын
Firewall has implicit deny for any traffic that comes from outside. Unless you have changed this by simply adding WAN as your source int and your internal interface as dest int. If you are referring to: what happens if a user tries to download a virus, When you create a security policy to allow outbound traffic from the internal network to the WAN, and if you have applied the antivirus security profile to that policy, it will protect against downloading malware or virus-infected files from the Internet to your internal network.
@tonysfortinetchannel
7 ай бұрын
The basic rule of a firewall is to block traffic. So any attempts to connect to this firewall from outside to inbound is automatically blocked, unless a policy is created to allow it.
@janoliver8713
4 ай бұрын
I know that there is an implicit deny rule at the bottom, but I am always doing a similar rule with known bad categories (and also with added third party feeds of known bad IP) an place it as the first firewall policy. It adds a little more security and it prevents known bad IP’s to hit your allowed inbound rules, e.g. a webserver.
i'm don't have licence for this fortigate
@tonysfortinetchannel
7 ай бұрын
This is a next-gen Firewall which requires a subscriptions in order to keep up to date with worldwide threat intelligence. Threats are being created all the time, everyday. A subscription on your firewall allows it to receive this intelligence as soon as it's available. It's not enough to do classic firewall anymore. Threat intelligence is KEY to your firewall's ability to protect it's network from attacks. New Botnet domains are being created literally every moment of every day.
And get my system infected nu the Chinese? 😅
Tony you're great but you talk too damn fast. 🙂