Tài liệu: Hướng dẫn LAB FortiGate - FortiOS 7.2

Network Topology
Lab 1: FortiGate Introduction
VM Usernames and Passwords
Exercise 1: Working With the CLI
Explore the CLI
Exercise 2: Generating Configuration Backups
Restore a Configuration From a Backup
Back Up and Encrypt a Configuration File
Restore an Encrypted Configuration Backup
Compare the Headers of Two Configuration Files
Exercise 3: Configuring Administrator Accounts
Configure a User Administrator Profile
Create an Administrator Account
Test the New Administrator Account
Restrict Administrator Access
Test the Restricted Access
Lab 2: Firewall Policies
Exercise 1: Creating Firewall Address Objects and Firewall Policies
Create Firewall Address Objects
Create a Firewall Policy
Test the Firewall Policy and View the Generated Logs
Exercise 2: Reordering Firewall Policies and Firewall Policy Actions
Create a Firewall Policy
Test the Reordering of a Firewall Policy
Exercise 3: Applying ISDB Objects as Destinations
Review the ISDB
Configure a Firewall Policy Destination as an ISDB Object
Test the Internet Service Firewall Policy
Exercise 4: Using Policy Lookup
Enable Existing Firewall Policies
Set Up and Test the Policy Lookup Criteria
Reorder the Firewall Policies
Retest Policy Lookup After Reordering the Firewall Policies
Lab 3: NAT
Exercise 1: Configuring DNAT Settings Using a VIP
Create a VIP
Create a Firewall Policy
Test the VIP Firewall Policy
Test SNAT
Exercise 2: Using Dynamic NAT With IP Pools
Create an IP Pool
Edit a Firewall Policy to Use the IP Pool
Test Dynamic NAT With IP Pools
Exercise 3: Configuring Central SNAT
Configure a Central SNAT Policy
Review the Firewall Policy
Test Central SNAT
Exercise 4: Configuring and Testing DNAT and VIPs
Create DNAT and VIPs
Verify the Firewall Policy Settings
Test DNAT and VIPs
Lab 4: Firewall Authentication
Exercise 1: Configuring Remote Authentication
Configure an LDAP Server on FortiGate
Assign an LDAP User Group to a Firewall Group
Add the Remote User Group to the Firewall Policy
Authenticate and Monitor the Authentication
Remove the User Group From the Firewall Policy
Lab 5: Log Configuration and Monitoring
Exercise 1: Configuring Log Settings
Configure Log Settings
Configure Threat Weight
Exercise 2: Enabling Logging on Firewall Policies
Enable Logging on a Firewall Policy
Exercise 3: Monitoring Logs Through Email Alerts
Configure Email Alerts
Generate Traffic
Generate Traffic Through FIT
Generate Traffic Through Nikto
View Email Alerts
Exercise 4: Viewing Logs on the FortiGate GUI
View Logs From the Log & Report Menu
View Forward Traffic Logs
View Security Profile Logs
View and Filter IPS Logs
View Logs in FortiView
Lab 6: Certificate Operations
Exercise 1: Configuring Full SSL Inspection on Outbound Traffic
Configure SSL Inspection
Enable SSL Inspection on a Firewall Policy
Install the Fortinet_CA_SSL Certificate
Test Full SSL Inspection
Exercise 2: Configuring Full SSL Inspection on Inbound Traffic
Configure a Virtual IP and Firewall Policy
Install the Training CA Certificate
Configure Inbound Full SSL Inspection
Lab 7: Web Filtering
Exercise 1: Configuring FortiGuard Web Filtering
Review the FortiGate Settings
Determine Web Filter Categories
Configure a FortiGuard Category-Based Web Filter
Apply the Web Filter Profile to a Firewall Policy
Test the Web Filter
Create a Web Rating Override
Test the Web Rating Override
Exercise 2: Setting Up Web Filtering Authentication
Set Up the Authenticate Action
Define Users and Groups
Test the Authenticate Action
Lab 8: Application Control
Exercise 1: Controlling Application Traffic
Configure Filter Overrides
Apply the Application Control Profile to the Firewall Policy
Test the Application Control Profile
Configure Application Overrides
Test Application Overrides
View Logs
Exercise 2: Controlling Application Bandwidth Usage
Modify the Application Override Action
Configure a Traffic Shaping Policy
Test Traffic Shaping
Exercise 3: Implementing Application Control in NGFW Policy-Based Mode
Enable Policy-Based NGFW Mode
Configure SSL Inspection and Central SNAT Policies
Configure the Security Policy and Test Application Control
Lab 9: Antivirus
Exercise 1: Using Antivirus Scanning in Proxy-Based Inspection Mode
Change the Antivirus Profile Inspection Mode
Enable the Antivirus Profile on a Firewall Policy
Test the Antivirus Configuration
Test an Alternate Download Method
View the Antivirus Logs
Enable SSL Inspection on a Firewall Policy
Exercise 2: Configuring Flow-Based Antivirus Scanning
Change the Antivirus Profile Inspection Mode
Change the FortiGate Inspection Mode
Test the Flow-Based Antivirus Profile
View the Antivirus Logs
Test the Machine learning (AI) scan
Lab 10: IPS and DoS
Exercise 1: Blocking Known Exploits
Configure IPS Inspection
Apply an IPS Sensor to a VIP Firewall Policy
Generate Attacks From the Linux Server
Monitor the IPS
Exercise 2: Using Rate-Based IPS Signatures
Apply Rate-Based Signatures
Test the Rate-Based Signature
Exercise 3: Mitigating a DoS Attack
Create a DoS Policy
Test the DoS Policy
Lab 11: Security Fabric
Exercise 1: Configuring the Security Fabric on Local-FortiGate and ISFW
Configure FortiAnalyzer Logging on Local-FortiGate (Root)
Configure the Security Fabric on Local-FortiGate (Root)
Configure the Security Fabric on ISFW
Authorize ISFW (Downstream) on Local-FortiGate (Root)
Check the Security Fabric Deployment Result
Exercise 2: Configuring the Security Fabric on Local-FortiGate and Remote-FortiGate
Configure the Security Fabric on Remote-FortiGate (Downstream)
Authorize Remote-FortiGate (Downstream) on Local-FortiGate (Root)
Check the Security Fabric Deployment Result
Exercise 3: Running the Security Rating
Run the Security Rating on the Local-FortiGate (Root)

Download