Preface

Firewall technologies are growing very fast and knowing how to protect the network is vital for network administrators. A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules. Firewalls have been the first line of defense in network security for over 25 years.[1] The lack of materials available for students to learn is part of our issue.

Since I have been teaching Enterprise Security at BCIT, I have received a lot of feedback from my students. Then, I have decided to collect all labs and make them as a book for students. This book is part of the Enterprise Security Course and is based on the practical labs in the class. Each chapter begins with a learning objective and step-by-step explanations in GNS3 to beginners on how to build different security scenarios from scratch.

The book is divided into ten chapters as following:

  • Chapter 1 – Basic Settings of FortiGate firewall and how to work with CLI or GUI to configure the firewall.
  • Chapter 2 – Policy: We will focus on firewall policy and how firewall pass the traffic from one port to another port.
  • Chapter 3 – NAT: We will use Source NAT and Destination NAT. You will learn how to use port forwarding when you are using DNAT.
  • Chapter 4 – VPN: This is very important chapter focus on SSL VPN and IPSEC VPN. You will learn how to set site-to-site VPN.
  • Chapter 5 – Authentication: This chapter will focus on Captive Portal and FSSO. You will learn how to install FSSO Agent in the server and monitor Active Directory.
  • Chapter 6 – High Availability: This chapter will focus on High Availability(Active-Passive) in FortiGate firewalls.
  • Chapter 7 – Security: This chapter will focus on security profile, DDOS prevention and Vlans configuration.
  • Chapter 8 – VDOM or Virtual Domain is a feature in FortiGate firewalls to manage resources and access. You will learn how to enable VDOM and how to use it.
  • Chapter 9 – SDWAN: This chapter will focus on SDWAN and how to use this feature.
  • Chapter 10- Cloud Technologies: This chapter will focus on how to deploy FortiGate in the cloud.
  • Appendix: We will cover basic GNS3 settings you need during this book.

As we know “a picture is worth 1000 words” and that is why this book is based on snapshots and screen-capture all the steps and configurations. This will be useful for fast-tracking. This book will be a practical resource/guide that can be used by BCIT students, and students at other institutions as well as IT professionals.

Hamid Talebi


License

Share This Book