UTM Security with Fortinet
Mastering FortiOS
- 1st Edition - November 27, 2012
- Latest edition
- Authors: Kenneth Tam, Ken McAlpine, Martín H. Hoz Salvador, Josh More, Rick Basile, Bruce Matsugu
- Language: English
Traditionally, network security (firewalls to block unauthorized users, Intrusion Prevention Systems (IPS) to keep attackers out, Web filters to avoid misuse of Internet browsing,… Read more
Purchase options
Traditionally, network security (firewalls to block unauthorized users, Intrusion Prevention Systems (IPS) to keep attackers out, Web filters to avoid misuse of Internet browsing, and antivirus software to block malicious programs) required separate boxes with increased cost and complexity. Unified Threat Management (UTM) makes network security less complex, cheaper, and more effective by consolidating all these components. This book explains the advantages of using UTM and how it works, presents best practices on deployment, and is a hands-on, step-by-step guide to deploying Fortinet's FortiGate in the enterprise.
- Provides tips, tricks, and proven suggestions and guidelines to set up FortiGate implementations
- Presents topics that are not covered (or are not covered in detail) by Fortinet’s documentation
- Discusses hands-on troubleshooting techniques at both the project deployment level and technical implementation area
Network administrators, Information security managers, Network security architects, Computer security and data security professionals
- Dedications
- Acknowledgements
- About The Author
- Foreword
- Preface
- Intended Audience
- Organization of this book
- Section I - General Introduction
- Chapter 1. Introduction to UTM (Unified Threat Management)
- Introduction
- Unified Threat Management (UTM) Foundations
- Solving Problems with UTM
- Current UTM Market Landscape
- Evolution and Future of UTM
- Chapter 2. FortiGate Hardware Overview
- FortiGate Hardware Overview
- FortiGate Custom Hardware Accelerations Overview
- The ‘Black Art’ of FortiGate Sizing
- Centralized Management Platform Overview
- Fortinet Product Portfolio
- References
- Chapter 3. FortiOS Introduction
- Fortios Architecture
- System Options
- Section II: UTM Technologies Explained
- Chapter 4. Connectivity and Networking Technologies
- Operating Modes
- Connectivity
- Routing
- Servicing users
- Virtual Domains (VDOM)
- High Availability
- Chapter 5. Base Network Security
- Firewall
- Chapter 6. Application Security
- FortiGuard
- Application Control
- Network Antivirus/AntiSpyware
- Intrusion Protection (IPS)
- Web Filtering
- Chapter 7. Extended UTM Functionality
- Introduction
- WAN Optimization
- Web Caching
- Endpoint Control
- Data Leak Prevention (DLP)
- Vulnerability Scan
- References
- Chapter 8. Analyzing your Security Information with FortiAnalyzer
- Configuring the FortiAnalyzer
- Configuring Reports
- FortiAnalyzer Generated Alerts
- Log Aggregation
- Log Forwarding
- Log Migration
- Configuring FortiGates
- Additional FortiAnalyzer Features
- Chapter 9. Managing Your Security Configurations with FortiManager
- System Settings Console
- Administrative Domains
- Device Manager
- Device Level Management & Configuration
- Policy & Objects
- Managing Site-to-Site Distributed IPSec VPNs
- Conclusion
- Section III: Implementing a Security (UTM) Project
- Chapter 10. Designing a Security Solution
- Introduction
- Security as a Project
- Establishing a Network Security Architecture
- Gathering Information for Sizing and Configuring a UTM Solution
- Considerations for Planning a UTM Deployment
- Chapter 11. Security with Distributed Enterprise and Retail
- Security Needs and Challenges
- Example Distributed Enterprise and Retail Environment Topologies
- Chapter 12. Security on Financial Services
- Electronic Trading
- Market Data Networks
- The Industry Trends
- The Challenge
- Market Data Multicast Distribution
- Protocol-Independent Multicast-Source-Specific Multicast (PIM-SSM)
- References
- Appendix A. Troubleshooting the Project
- Introduction
- Dealing with Cost Issues
- Dealing with Timing
- Engaging Fortinet Professional Services
- Engaging Fortinet Technical Support
- Appendix B. Troubleshooting Technically
- Introduction
- Resources
- Basic Troubleshooting Overview
- Basic Troubleshooting Tools
- Advanced Troubleshooting Tools
- Appendix C. Country Codes
- Glossary. Glossary
- References
- Subject Index
- Edition: 1
- Latest edition
- Published: November 27, 2012
- Language: English
KT
Kenneth Tam
Kenneth Tam, Fortinet Certified Network Security Professional (FCNSP), is a senior security engineer at Fortinet, providing hands-on installation, support, and training to customers in the North Central United States. He has over 15 years' experience in the networking/security field from working with companies such as Juniper Networks, Netscreen Technologies, 3com, and US Robotics.
Affiliations and expertise
Senior Security Engineer at Fortinet, USAKM
Ken McAlpine
Ken McAlpine, Cisco Certified Internetworking Expert (CCIE), Fortinet Certified Network Security Professional (FCNSP), is a senior consulting systems engineer at Fortinet. His areas of interest and expertise include the overall design, security, implementation, and documentation of a secure smart grid network. As an expert in the field, he regularly presents at conferences, including the Smart Grid Interoperability Conference.
Affiliations and expertise
Senior Consulting Systems Engineer at Fortinet, USAMH
Martín H. Hoz Salvador
Martín H. Hoz Salvador, Fortinet Certified Network Security Professional (FCNSP), Certified Information Systems Security Professional (CISSP), and Certified Information Systems Auditor (CISA), is a systems engineering manager for Latin America and the Caribbean at Fortinet. In this capacity he oversees business development from the engineering standpoint, which includes hands-on demonstrations, partners training, and developing technical documentation. He has over 15 years' experience in the networking/security field, and is a regular presenter at security conferences in Latin America and Europe.
Affiliations and expertise
Systems Engineering Manager for Latin America and the Caribbean at FortinetJM
Josh More
Josh has over fifteen years of experience in IT, and ten years working in Security. Though today, he primarily works as a security consultant, he has also worked in roles ranging from user to developer to system administrator. He holds several security and technical certifications and serves in a leadership position on several security-focused groups. He writes a blog on security at www.starmind.org and www.rjssoftware.com. As security works best from a holistic approach, he works all angles: risk assessments, posture analysis, incident response, malware analysis, infrastructure defense, system forensics, employee training and business strategy. Josh More works at RJS Software Systems, a national data management and security company.
Affiliations and expertise
Senior Security Consultant, RJS Smart Security (CISSP, GIAC-GCIH, GIAC-GSLC)BM
Bruce Matsugu
Bruce Matsugu is currently a consulting systems engineer at Fortinet and has been with Fortinet for over 10-years in a variety of roles including technical support, release management, training, and professional services. A graduate of the University of British Columbia in electrical engineering, Bruce worked previously in hardware design for fibre transport telecom systems and multi-service routers, and in project engineering for wireless messaging systems. He currently lives near Vancouver, BC.
Affiliations and expertise
Consulting Systems Engineer at Fortinet, USARead UTM Security with Fortinet on ScienceDirect