FortiGate: Why Series? Discovering Different VPN's (SSL, IPSEC & ZNTA)
HTML-код
- Опубликовано: 23 июл 2024
- Dive into the nuances and applications of popular VPN deployments. Starting with Fortinet's SSL VPN, we explore both Web Mode and Client Mode, paving the way to the potential new world in ZTNA. Before moving to ISPEC VPN.
SSL VPN Modes and Operations
ZTNA for Enhanced Remote Connectivity
IPSEC VPN for Site-to-Site Security
Understanding ISPEC VPN, featuring ADVPN
Empower your VPN knowledge with this breakdown of technologies. Whether you're an enthusiast or an IT professional, this video has insights to level up your understanding. Hit play now and secure your virtual journey!
// Timestamps //
00:00 - Video Introduction
00:50 - SSL VPN
01:28 - SSL VPN (Web Browser Mode)
03:20 - SSL VPN (Using FortiClient)
04:28 - SSL VPN (FortiGate to FortiGate)
05:20 - ZTNA for Remote Workers
08:47 - IPSEC VPN (Site to Site)
12:04 - ISPEC & ADVPN
15:09 - Video Summary & Wrap Up
// Chris SOCIAL //
/ chris-eddisford-5b676462
// Keywords //
Fortinet
Fortinet Training
Fortinet Remote Access
Fortinet Home Worker
Fortigate SSL VPN
Fortgate ZTNA
Fortigate IPSEC
Fortigate ADVPN
FortiGate
FortiGate How To?
Fortinet NSE4
Fortinet FCP
// HashTags //
#cybersecurity
#networking
#fortinet
Good video. You should have quoted, that Forti's SSL-VPN is famous about its serious bugs the last months.
Thanks! You’re not wrong it’s all about what methods you use to further secure. Including 1. Put the ssl vpn interface on a loopback then you can use security policy’s. 2. Place the ssl vpn in its own vdom. 3. Where possible use geo-ips in policy or block the known baddies! Other vendors have horrific vulnerabilities also it’s just the game we are in! Some of the recent vulnerabilities have been bad yes but often only impacting devices with poor configuration for example who sends devices out without local in policy’s configured!
Also if you have FortiClient/EMS then you can restrict SSL VPN to only accept connections from "known" registered serial numbers on your EMS. Its another great way of adding further protection - community.fortinet.com/t5/FortiGate/Technical-Tip-Restrict-SSL-VPN-and-Dial-up-IPsec-to-only-devices/ta-p/214456
thank you for the explanation
Glad it was helpful! Let me know if there is anything else you’d like to see.
@@FortiBytes can you make a video about policy-based vs profile-based firewall regarding how firewall policies / traffic are proceed in these modes?
Yes I can do! You don’t see profile based very often in production unless administrators have come from Palo.
@@FortiBytes thank you so much mate!
You’re very welcome. Video soon!