Course details

The Secured Network Deployment and IPSec VPN course provides 3 days of instructor-led online training where participants will gain a comprehensive understanding of the advanced networking and security features of the FortiGate Unified Threat Management security appliances. Instruction is provided in real time over the web through supported browsers; students can participate from any computer with an Internet connection.

The lecture and demonstration components of the classroom are presented by a Fortinet-certified
trainer. Hands-on labs allow students to perform the tasks associated with the configuration and troubleshooting of virtual domains, routing, WAN optimization, high availability, IPS, authentication and IPSec VPNs. A virtual lab environment allows student to access the FortiGate devices required for the hands-on exercises without requiring physical Fortinet hardware.

This course demonstrates features that can be easily adapted when planning a secure network deployment using FortiGate Unified Threat Management appliances.This advanced-level course is a continuation of the topics discussed in FortiGate Multi-Threat Security System I – Administration, Content Inspection and SSL VPN (RealTime OnLine Course 201).

Target Audience

This course is intended for networking professionals involved in the design and implementation of a security infrastructure using FortiGate Unified Threat Management appliances. This advanced-level course is a continuation of the topics discussed in FortiGate Multi-Threat Security System I – Administration, Content Inspection and SSL VPN(Course 201). Content in the 301 course is geared to professionals with a sound knowledge of the concepts involved in the operation of a FortiGate device. It is assumed that students are familiar with the topics presented in the 201 course.

Objectives

Upon completion of this course, students will be able to:

  • Construct virtual domains and configure inter-VDOM routing.
  • Use the built-in FortiOS diagnostic tools for troubleshooting and performance monitoring.
  • Configure static and dynamic routing.
  • Define identity-based policies for authentication.
  • Control access to network resources by enabling local user, LDAP and Directory Services authentication.
  • Configure IPS protection to protect network resources from attack.
  • Debug IKE exchanges to troubleshoot connection negotiations.
  • Create IPSec VPNs to permit client access to a FortiGate VPN gateway.
  • Set up a high availability cluster configuration.
  • Configure a FortiGate unit in Transparent Mode.
  • Implement FortiGate traffic optimization techniques.

Course Outline

  • AGENDA - Day 1
  • Virtual Networking
  • VLANs on a FortiGate Unit
  • Global and Virtual Domain Configuration Settings
  • Virtual Domains
  • VDOM Resource Limits
  • Inter-VDOM Links
  • Diagnostics
  • Diagnostic Commands
  • Packet Sniffing
  • Self Help Options
  • Routing
  • Routing Tables
  • Route Elements
  • Static and Policy Routes
  • Route Selection
  • Reverse Path Forwarding
  • Dynamic Routing
  • Routing Information Protocol
  • Open Shortest Path First
  • Border Gateway Protocol
  • Intermediate System to Intermediate System
  • Multicast Routing
  • Routing Diagnostics
  • AGENDA - Day 2
  • Intrusion Prevention System
  • IPS Signatures
  • IPS Sensors
  • Filters
  • IPS Overrides
  • Attack Types
  • Monitoring IPS Attacks
  • Remote User Authentication
  • RADIUS Authentication
  • Dynamic Profiles
  • LDAP Authentication
  • TACACS+ Authentication
  • Digital Certificate Authentication
  • Directory Services Authentication
  • Fortinet Single Sign On
  • Directory Services Authentication
  • Fortinet Single Sign On Components
  • Fortinet Single Sign On Modes
  • NTLM Authentication
  • Certificate-Based Operations
  • Introduction to Cryptography
  • Secure Socket Layer Security
  • Certificate authentication
  • SSL Content Inspection
  • IPSec VPN
  • IPSec Architecture and Protocols
  • Internet Key Exchange
  • IPSec Phase 1 and Phase 2
  • IPSec VPN Modes
  • IPSec Topologies
  • Configuring Route-Based and Policy-Based VPNs
  • IPSec VPN Monitor
  • Overlapping Subnets
  • IPSec Debugging
  • VPN Troubleshooting Tips
  • AGENDA - Day 3
  • Transparent Mode
  • Operating Modes
  • Ethernet Frame and VLAN Tags
  • VLANs on a FortiGate Unit Operating in Transparent Mode
  • Port Pairing
  • Transparent Bridge
  • Broadcast Domains
  • Forwarding Domains
  • Spanning Tree Protocol
  • Link Aggregation
  • WAN Optimization
  • FortiGate WAN Optimization Techniques
  • WAN Optimization Rules
  • WAN Optimization Modes
  • Web Caching
  • Transparent Proxy
  • WCCP v2 Support
  • Monitoring WAN Optimization
  • Wireless
  • Wireless Concepts
  • Thick and Thin Access Points
  • FortiGate Wireless Controllers
  • Managed AP Topologies
  • Controller Discovery
  • Virtual Access Points
  • Guest Networks
  • Wireless Security Modes
  • Access Point Profiles
  • Rogue Access Point Detection
  • Wireless Roaming
  • High Availability
  • High Availability Clusters
  • High Availability Modes of Operation
  • Active-Passive
  • Active-Active
  • FortiGate Clustering Protocol
  • Virtual Addresses
  • FGCP Heartbeat
  • Heartbeat Interfaces
  • HA Configuration Synchronization
  • Virtual MAC Addresses
  • Load Balancing
  • Failover
  • Virtual Clustering
  • Session Synchronization
  • Firmware Upgrades
Updated on 08 November, 2015

About Equitrain

EquiTrain –a pision of Equinox International- equips organizations with IT skills that are the lifeblood of modern corporate life, as Theyll as the professional expertise required for ensuring productivity and to remain competitive now and tomorrow.

At EquiTrain, They tailor end-to-end training solutions that incorporate both IT and business consultancy to the specific needs of each inpidual customer. They can equip yTheir IT professionals with all they need to quickly maximize yTheir new technology investments as Theyll as pushing forward absolute beginners on their road to IT proficiency.

They offer a broad range of IT and Management training cTheirses and certifications from top technology vendors with a choice of on-site or offsite, public or closed and local or abroad training. Their portfolio of cTheirses is supplemented by Their strategic training alliance with world's leading providers of learning solutions.

See all Equitrain courses
Are you from Equitrain ? Claim your course!
Courses you can instantly connect with... Do an online course on Networking and Security starting now. See all courses

Is this the right course for you?

Didn't find what you were looking for ?

or