I create and destroy FortiGate VMs all the time in my lab and a lot of our customers do the same thing in their private cloud and public cloud environments. Having a static license to … Using FortiFlex to License FortiGatesRead more
Fortinet
FortiNAC for Guest Access Using a Captive Portal
This was a long post in the making… I needed to setup FortiNAC from scratch to onboard and provide a captive portal for guests to self-register once they connected to my FortiGate-managed FortiAPs in tunnel … FortiNAC for Guest Access Using a Captive PortalRead more
Fortinet Zero Trust Network Access (with SAML)
I love the goal of Zero Trust: don’t trust and continuously verify. It protects against extending the LAN to the remote PC connecting over the VPN, including preventing usage of personal devices by employees. It … Fortinet Zero Trust Network Access (with SAML)Read more
FortiExtender for Cellular Connectivity
I have wanted to play with our FortiExtender for a while and finally got my hands on the FEX-511F! FortiExtender is more than just a cellular wireless WAN device to use as a cellular connection … FortiExtender for Cellular ConnectivityRead more
The Fortinet SD-WAN Overlay Template Wizard
I’ve been using a two year old SD-WAN/VPN/BGP config in my Fortinet home lab, adjusted over time to take advantage of new VPN and BGP templates in new FortiManager releases. But I hadn’t utilized our … The Fortinet SD-WAN Overlay Template WizardRead more
FortiGate Internet Redundancy Designs
The topic of high availability Internet connectivity is a constant conversation I have with my customers and teammates and I finally thought it best to sit down and draw the various options. These options assume … FortiGate Internet Redundancy DesignsRead more
Using FortiNDR to Detect Malicious Activity
In last month’s post, I wrote on how to send traffic into FortiNDR to detect malware and malicious activity. Since then I brainstormed how to pump a lot of malicious traffic through my network and … Using FortiNDR to Detect Malicious ActivityRead more
Network Detection and Response
In a past life as a member of a Blue Team providing defensive security, I loved tapping critical points of the network and mirroring that traffic to an IDS, then to our SIEM so that … Network Detection and ResponseRead more
FortiZTP
In a past blog post, I blogged about the various zero touch and low touch provisioning options when setting up new FortiGates. Since then, Fortinet has released FortiZTP to simplify zero touch provisioning further than … FortiZTPRead more
FortiGate BGP and SD-WAN
BGP and SD-WAN are like peanut butter and jelly — just better together. And given that a FortiGate has full-blown BGP routing capabilities in addition to its SD-WAN capabilities, it would make sense to use … FortiGate BGP and SD-WANRead more