Scribd Logo
Carica

Benvenuto in Scribd!

  • ChatLog Lab Demo FortiGate Security 6 - 2 Self - Paced - May 18 - 19 2020 GMT - 2 2020 - 05 - 19 17 - 09

    Caricato da

    ramadhian89
    53 visualizzazioni4 pagine

    Titolo originale

    ChatLog Lab Demo FortiGate Security 6_2 Self_Paced _ May 18_19 2020 GMT_2 2020_05_19 17_09.rtf

    Copyright

    © © All Rights Reserved

    Formati disponibili

    RTF, PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento

    Copyright:

    © All Rights Reserved
    Scarica in formato RTF, PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    53 visualizzazioni4 pagine

    ChatLog Lab Demo FortiGate Security 6 - 2 Self - Paced - May 18 - 19 2020 GMT - 2 2020 - 05 - 19 17 - 09

    Caricato da

    ramadhian89

    Copyright:

    © All Rights Reserved
    Scarica in formato RTF, PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 4

    Chat Log C:\Users\REP\Documents\ChatLog Lab Demo FortiGate Security 6_2 Self_Paced _ May

    18_19 2020 GMT_2 2020_05_19 17_09.rtf

    Aguinaldo Pedro (to Everyone): 13:59: Hi everynone


    Alexander Röttger (to Everyone): 13:59: good morning
    Ahmed Abdelsalam (to Everyone): 13:59: Hi Aguinaldo :-)
    Aguinaldo Pedro (to Everyone): 13:59: Good morning
    Hassan Amedioune (to Everyone): 13:59: yes
    Ahmed Abdelsalam (to Everyone): 13:59: Yes
    Alexander März (to Everyone): 13:59: yes
    Stefan Agh (to Everyone): 13:59: yes
    Aguinaldo Pedro (to Everyone): 13:59: Yes
    Aguinaldo Pedro (to Everyone): 14:00: Are you there?
    Ahmed Abdelsalam (to Everyone): 14:01: Yes, we will start in the next few minutes
    Wiktor Sedkowski (to Everyone): 14:15: audio gone?
    benjamin quidor dit pasquet (to Everyone): 14:15: Hi Everyone, am i alone with no audio ?
    Dimitrios Giannoulakis (to Everyone): 14:15: I also cannot hear you
    Somma, Gaetano, Vodafone Italy (to Everyone): 14:15: yes, audio gone
    Somma, Gaetano, Vodafone Italy (to Everyone): 14:15: yes
    Saujanya Bohara Bohara (to Everyone): 14:15: audio gone
    Dimitrios Giannoulakis (to Everyone): 14:15: yes
    Stefan Agh (to Everyone): 14:15: Yes now OK
    Ahmed Abdelsalam (to Everyone): 14:16: Now Yes
    Plamenko Hadrovic (to Everyone): 14:19: where can i watch this recorded video?
    Ahmed Abdelsalam (to Everyone): 14:19: The recorded video will be avaliable later on the course page
    in NSE Training institute website
    Ahmed Abdelsalam (to Everyone): 14:19: training.fortinet.com
    benjamin quidor dit pasquet (to Everyone): 14:20: Hi Ahmed, about the deep inspection, we need to
    activated another security profile only if we use the Proxy based ? or both case ?
    Ahmed Abdelsalam (to Everyone): 14:22: @benjamin, in both cases if you would like to do deep ssl
    inspection to decrypt and inspect https traffic
    Ahmed Abdelsalam (to Everyone): 14:24: SSL inspection is a profile that you usually enable along with
    many other profiles (AV, webfilter, App control,..etc) to decrypt any encrypted traffic so it can be examined
    by the assigned security engine (AV, App control ,...etc)
    Wiktor Sedkowski (to Everyone): 14:24: so to use those features related to keyword searching or
    youtube content blocking, we need ssl inspection right?
    benjamin quidor dit pasquet (to Everyone): 14:25: Thk !
    Ahmed Abdelsalam (to Everyone): 14:26: @Wiktor, yes for any content inspection we will need deep ssl
    inspection
    Ahmed Abdelsalam (to Everyone): 14:27: because it is part of the packet payload
    Wiktor Sedkowski (to Everyone): 14:28: yup, thx
    Ahmed Abdelsalam (to Everyone): 14:28: You are most welcome :-)
    Dimitrios Giannoulakis (to Everyone): 14:51: will the Application Control work if I left th policy mode to
    proxy ?
    Ahmed Abdelsalam (to Everyone): 14:52: Yes
    Dimitrios Giannoulakis (to Everyone): 14:52: thanks
    Ahmed Abdelsalam (to Everyone): 14:53: Application control can be configured in proxy-based and
    flow-based firewall policies. However, because application control uses the IPS engine, which uses flow-
    based inspection, inspection is always flow-based.
    Dimitrios Giannoulakis (to Everyone): 14:53: great, makes sence
    Ahmed Abdelsalam (to Everyone): 14:54: Yeah :-)
    Dimitrios Giannoulakis (to Everyone): 15:14: yes
    Hassan Amedioune (to Everyone): 15:14: yes
    Thierry Tummers (to Everyone): 15:14: yes
    Stefan Agh (to Everyone): 15:14: yes
    Hassan Amedioune (to Everyone): 15:19: Hi Ahmed,without a License you can't see the menu option
    Application Signatures? is that right? or is that a new option on the new version?
    Ahmed Abdelsalam (to Everyone): 15:19: Hi Hassan, Hassan in answering now :-)
    Hassan Amedioune (to Everyone): 15:19: ah ok I see.
    Hassan Amedioune (to Everyone): 15:20: thank you,
    Shamsudeen E.P (to Everyone): 15:20: cannot see proxybased webfiltering in 6.2.3
    Ahmed Abdelsalam (to Everyone): 15:20: You are most welcome
    Ahmed Abdelsalam (to Everyone): 15:21: Shamsudeen, please check system > feature visability
    Shamsudeen E.P (to Everyone): 15:23: what to check in feature visibility?
    Ahmed Abdelsalam (to Everyone): 15:23: Explicit proxy
    Shamsudeen E.P (to Everyone): 15:23: ok
    Ahmed Abdelsalam (to Everyone): 15:24: I think you mean WAF (Web Application Firewall). Right?
    Shamsudeen E.P (to Everyone): 15:24: explicity procy is alreday enabled
    Shamsudeen E.P (to Everyone): 15:24: but still not able to see proxy option in webfilter
    Ahmed Abdelsalam (to Everyone): 15:25: You mean the feature set in the webfilter profile? (Proxy or
    Profile)
    Ahmed Abdelsalam (to Everyone): 15:26: or you mean the Web Application Firewall profile
    Ahmed Abdelsalam (to Everyone): 15:26: please clarify :-)
    Hassan Amedioune (to Everyone): 15:38: Is it making any sense to configure deep inspection and all
    those sec features for servers that are in backend? Especially if those only contact some trusted websites
    (as microsoft..)?
    Ahmed Abdelsalam (to Everyone): 15:39: Yes, because the attacking techniques used by Threat actors or
    Hackers
    Hassan Amedioune (to Everyone): 15:40: ok thx
    Ahmed Abdelsalam (to Everyone): 15:40: Attacks like SQL injection, i-frame injection and cross-site
    scripting. It is payload attack
    Ahmed Abdelsalam (to Everyone): 15:41: someone can just inject a malicious code to your webserver
    Ahmed Abdelsalam (to Everyone): 15:41: this isn't a virus that can be detected easily
    Hassan Amedioune (to Everyone): 15:41: ok thank you
    Ahmed Abdelsalam (to Everyone): 15:42: and for SQL injection, the hacker just need to enter a SQL
    injection command as an entry for the username field of your SQL database web interface
    Wiktor Sedkowski (to Everyone): 15:48: '; drop table movies
    Wiktor Sedkowski (to Everyone): 15:48: ;-)
    Dimitrios Giannoulakis (to Everyone): 15:55: if I enable web filtering, and AV, and IPS, and App Control,
    on a single policy, then what will be the order of inspection ?
    Ahmed Abdelsalam (to Everyone): 15:56: Great Question. I will share with you the packet flow document
    which will clarify this point :-)
    Dimitrios Giannoulakis (to Everyone): 15:56: thanks
    Ahmed Abdelsalam (to Everyone): 15:57:
    https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/5c55123e-870f-11e9-81a4-
    00505692583a/FortiOS-6.2.0-Parallel_Path_Processing.pdf
    Ahmed Abdelsalam (to Everyone): 15:58: This document shows packet flow in different configuration
    scanrios :-)
    Dimitrios Giannoulakis (to Everyone): 15:58: thanks
    Ahmed Abdelsalam (to Everyone): 15:59: you are most welcome :-)
    Hassan Amedioune (to Everyone): 16:09: great thanx
    Ahmed Abdelsalam (to Everyone): 16:10: you are most welcome :-)
    Dimitrios Giannoulakis (to Everyone): 16:13: why all and not only the ssl pool ?
    Hassan Amedioune (to Everyone): 16:13: Is that the same if you take both interfaces in a Zone? oinstead
    of multiple IFs?
    Dimitrios Giannoulakis (to Everyone): 16:14: ok, thanks
    Ahmed Abdelsalam (to Everyone): 16:14: @ Hassan
    Ahmed Abdelsalam (to Everyone): 16:14: yes
    Ahmed Abdelsalam (to Everyone): 16:15: You can create a zone and selected later :_
    Ahmed Abdelsalam (to Everyone): 16:15: :-)
    Hassan Amedioune (to Everyone): 16:15: But in this scnario the IFs are not the same Zone.
    Hassan Amedioune (to Everyone): 16:16: I mean is that not a security issues, if you put both Ifs in the
    same Zone?
    Hassan Amedioune (to Everyone): 16:17: ok thx
    Hassan Amedioune (to Everyone): 16:17: okI see
    Kaleab Kassahun (to Everyone): 16:19: Do we have etherchannel on fortigate?
    Ahmed Abdelsalam (to Everyone): 16:20: yes, we can configure it
    Ahmed Abdelsalam (to Everyone): 16:20: etherchannel 802.3ad
    Hassan Amedioune (to Everyone): 16:20: audio goes and comes
    benjamin quidor dit pasquet (to Everyone): 16:21: yep, no audio
    Dimitrios Giannoulakis (to Everyone): 16:21: I cannot hear you as well
    Hassan Amedioune (to Everyone): 16:21: yes
    Somma, Gaetano, Vodafone Italy (to Everyone): 16:21: yes
    benjamin quidor dit pasquet (to Everyone): 16:21: yes, it's ok now
    Alexander März (to Everyone): 16:21: yes
    Ahmed Abdelsalam (to Everyone): 16:21: @Kaleab:
    https://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-networking-54/Interfaces/Aggregate
    %20Interfaces.htm
    Somma, Gaetano, Vodafone Italy (to Everyone): 16:32: Connectivity issues for you too?
    Somma, Gaetano, Vodafone Italy (to Everyone): 16:33: for me audio gone
    Ahmed Abdelsalam (to Everyone): 16:33: Sorry Somma, are you facing any issues
    Ahmed Abdelsalam (to Everyone): 16:33: We are currently in a break
    Ahmed Abdelsalam (to Everyone): 16:33: we will be back in two minutes :-)
    Somma, Gaetano, Vodafone Italy (to Everyone): 16:34: I didn't hear that
    Somma, Gaetano, Vodafone Italy (to Everyone): 16:34: I'll restart goto meeting
    Ahmed Abdelsalam (to Everyone): 16:34: Yes please. Thanks!!
    Somma, Gaetano, Vodafone Italy (to Everyone): 16:36: ok I can now see the video again
    Ahmed Abdelsalam (to Everyone): 16:36: Great :-)
    Dimitrios Giannoulakis (to Everyone): 16:57: do local subnet on Local Forti has to much the remote
    subnet on remote forti. I mean in ipsec settings
    Dimitrios Giannoulakis (to Everyone): 16:58: thanks
    Mick Mortensen (to Everyone): 17:01: i think you put the worng local subnet on the local fortigate
    David Tyler (to Everyone): 17:05: Im good thanks!
    Saujanya Bohara Bohara (to Everyone): 17:05: than you for your time
    Ahmed Abdelsalam (to Everyone): 17:06: <http://www.fortinet.com/training/atc.html>.

    Ahmed Abdelsalam (to Everyone): 17:06: http://www.fortinet.com/training/atc.html

    Somma, Gaetano, Vodafone Italy (to Everyone): 17:07: Are you going to send us the videos that tou
    have been recording?
    Somma, Gaetano, Vodafone Italy (to Everyone): 17:07: ok thanks
    Saujanya Bohara Bohara (to Everyone): 17:07: for partners do i have to sing up from training page
    Hassan Amedioune (to Everyone): 17:07: thank you both for the great session also today.
    Braamhaar, Hans (to Everyone): 17:08: Thanks for the sessions, great!
    Stefan Agh (to Everyone): 17:08: Thank you. Bye :-)
    benjamin quidor dit pasquet (to Everyone): 17:08: Thank both for you time.
    Pat Rodgers (to Everyone): 17:08: Thank you very much
    Mick Mortensen (to Everyone): 17:08: Thank you for today
    Thierry Tummers (to Everyone): 17:08: Thank you
    Alexander Röttger (to Everyone): 17:08: thx
    Karoline Skoric (to Everyone): 17:08: Thank you.
    percival sithole (to Everyone): 17:08: thx
    Ahmed Abdelsalam (to Everyone): 17:08: Thank you all :-)
    Mick Mortensen (to Everyone): 17:09: Thank you bye,
    Sebastian Szmytka (to Everyone): 17:09: thank you lads, all the best

    Potrebbero piacerti anche