This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Fortinet NSE 4: Network Security Professional:
The Network Security Professional designation recognizes your ability to install and manage the day-to-day configuration, monitoring, and operation of a FortiGate device to support specific corporate network security policies.
NSE 4 Certification:
I recommend this course for network and security professionals who are involved in the day-to-day management, implementation, and administration of a security infrastructure using FortiGate devices.
Course Description:
In this course, you will learn how to use FortiGate Firewall features, including security profiles. You will explore firewall policies, the Fortinet Security Fabric, user authentication, SSL VPN, and how to protect your network using security profiles, such as IPS, antivirus, web filtering, application control, and advanced routing, transparent mode, redundant infrastructure, site-to-site IPsec VPN, single sign-on (SSO), and diagnostics and more.
Outlines:
FortiGate Deployment:
– Perform initial configuration
– Implement the Fortinet Security Fabric
– Configure log settings and diagnose problems using the logs
– Describe and configure VDOMs to split a FortiGate into multiple virtual devices
– Identify and configure different operation modes for an HA cluster
– Diagnose resource and connectivity problems
Content Inspection:
– Describe and inspect encrypted traffic using certificates
– Identify FortiGate inspection modes and configure web and DNS filtering
– Configure application control to monitor and control network applications
– Explain and configure antivirus scanning modes to neutralize malware threats
– Configure IPS, DoS, and WAF to protect the network from hacking and DDoS attacks
Routing and Layer 2 Switching:
– Configure and route packets using static and policy-based routes
– Configure SD-WAN to load balance traffic between multiple WAN links effectively
– Configure FortiGate interfaces or VDOMs to operate as Layer 2 devices
SD-WAN
Virtual Domains (VDOMs)
Intrusion Prevention and Denial of Service
IPsec VPN and SSL VPN
Establish an IPsec VPN tunnel between two FortiGate devices.
Fortinet Single Sign-On (FSSO)
High Availability (HA)
Diagnostics and CLI
Certificate Operations
Logging and Monitoring
Firewall Authentication
Diagnose and correct common problems.
Collect and interpret log entries.
Content Inspection:
– Describe and inspect encrypted traffic using certificates
– Identify FortiGate inspection modes and configure web and DNS filtering
– Configure application control to monitor and control network applications
– Explain and configure antivirus scanning modes to neutralize malware threats
– Configure IPS, DoS, and WAF to protect the network from hacking and DDoS attacks
VPN:
– Configure different SSL-VPN modes to provide secure access to private network
– Implement a meshed or partially redundant IPsec VPN
Product Versions:
FortiOS 7.X
LAB Setup
Administration
Different Deployments
Administrative Access
Routing
DHCP
-
29Static & Dynamic Routing Protocols
-
30Configure Static and Default Route
-
31Theory of Policy Routing
-
32Verify Policy Routing in FortiGate
-
33Theory of Equal Cost Multi-Path
-
34Verify Equal Cost Multi-Path Routing
-
35Theory of Dynamic Routing Protocol RIP
-
36Verify Dynamic Routing Protocol RIP Lab
-
37Theory of Dynamic Routing Protocol OSPF
-
38Verify Dynamic Routing Protocol OSPF Lab
-
39Theory of Dynamic Routing Protocol BGP
-
40Dynamic Routing Protocol BGP Flavors
-
41Verify Dynamic Routing Protocol BGP Lab
NAT & PAT
Security Policies
-
46Theory of Network Address Translation
-
47Policy Source Interface Overload NAT
-
48Policy Source Dynamic Overload NAT
-
49Policy Source One-to-One NAT Lab
-
50Policy Source Fixed Port Rang NAT
-
51Policy Source Port Block Allocation NAT
-
52Central Source NAT in FortiGate Lab
-
53Destination NAT and Virtual IP Lab
-
54Destination NAT & VIP Port Forwarding
-
55VIP without Central SNAT Lab
Windows Server
Authentication
Security Profiles
DoS Policy
-
70Theory of Security Profile
-
71Theory of SSL Inspection
-
72Verify SSL Inspection in FortiGate
-
73Install Certificate in Client PCs
-
74Theory of Antivirus Profile
-
75Verify Antivirus Profile
-
76Theory of Web Filter Profile
-
77Verify Web Filter Profile
-
78Verify Web Rating Override Profile
-
79Verify Web Profile Override FortiGate
-
80Verify DNS Filter Profile
-
81Theory of Application Control
-
82Verify Application Control
-
83Theory of Intrusion Prevention System
-
84Verify Intrusion Prevention System
-
85Theory of File Filter Profile
-
86Verify File Filter Profile