The FortiWeb Web Application Firewall course provides one day of instructor-led online training where participants will gain the knowledge to deploy, configure, manage and troubleshoot a web application firewall solution using FortiWeb appliances. Instruction is provided in real time over the web through supported browsers; students can participate from any computer with an Internet connection.
Students will learn about the operating modes available for the FortiWeb device along with the protection options that are configurable for each mode. The instructor will demonstrate configuring web server protection profiles, virtual servers, and physical servers in addition to the server policies that are used to secure web applications. At the end of the course, students will be able to identify how policies drive the behavior of the device depending on the operating mode being used.

Hands-on labs allow students to perform the tasks associated with implementing a solution to detect and block attacks using a FortiWeb appliance. Students will initiate a Cross Site Scripting (XSS) attack against a vulnerable web application and then implement a security approach to detect and block the attack. Participants also experiment using Auto-Learn Security Profiles to eliminate the need for manually configured security profiles.

Participants in this course gain the fundamental knowledge required to implement a FortiWeb web security solution within their existing networking infrastructures as well as a solid understanding of the day-to-day management tasks including configuring policies, monitoring logs, troubleshooting, generating reports and other general tasks related to administering the FortiWeb system.

Target Audience

This introductory-level course is intended for networking professionals involved in the installation, administration, management and troubleshooting of a web security infrastructure using FortiWeb appliances.


Upon completion of this course, students will be able to:

  • Configure system settings on the FortiWeb device
  • Create web protection profiles and policies
  • Use the diagnostic tools for troubleshooting and monitoring performance
  • Monitor log information
  • Generate reports

Course Outline

Functional Overview

  • Web application firewalls
  • FortiWeb features and benefits
  • FortiWeb family of devices
  • Operating modes
  • Reverse Proxy
  • Offline Protection
  • Transparent Inspection
  • True Transparent Proxy

System Configuration

  • Administration access
  • Setup wizard
  • V-zones
  • Routing
  • Access profiles

Policies and Profiles

  • Server policies
  • Protection profiles
  • Load balancing
  • Health checks
  • Managing certificates
  • Offloading and inspecting SSL traffic
  • Hosts and host groups

Web Protection

  • Order of execution
  • Cookies
  • Page order and access rules
  • Cross-site scripting


  • Auto-learn profiles
  • Web protection profiles

Web Anti-Defacement

  • Configuring anti-defacement
  • Monitoring file changes
  • Handling file changes

PCI DSS Compliance and Vulnerability Assessment

  • Open Web Application Security Project (OWASP)
  • Vulnerability scan profiles and policies
  • Vulnerability reports

Troubleshooting and Advanced Configuration

  • Monitoring system status and performance
  • Updating FortiGuard Subscription Services
  • Troubleshooting commands
  • High Availability

EquiTrain –a pision of Equinox International- equips organizations with IT skills that are the lifeblood of modern corporate life, as Theyll as the professional expertise required for ensuring productivity and to remain competitive now and tomorrow.

At EquiTrain, They tailor end-to-end training solutions that incorporate both IT and business consultancy to the specific needs of each inpidual customer. They can equip yTheir IT professionals with all they need to quickly maximize yTheir new technology investments as Theyll as pushing forward absolute beginners on their road to IT proficiency.

They offer a broad range of IT and Management training cTheirses and certifications from top technology vendors with a choice of on-site or offsite, public or closed and local or abroad training. Their portfolio of cTheirses is supplemented by Their strategic training alliance with world's leading providers of learning solutions.

See all Equitrain courses

Contact information not available.

Courses you can instantly connect with...
MCTS: .NET Framework 2.0, Web Applications Helper Learning Developing ASP.NET MVC Web Applications New Horizons Egypt Developing Windows Azure and Web Services New Horizons Egypt

Is this the right course for you?

Rate our content

Didn't find what you were looking for ?