Fortinet Tutorial: Intra-VLAN Blocking Demonstration
HTML-код
- Опубликовано: 20 авг 2024
- In this video, I show you what Intra-VLAN blocking is in my own lab environment using a physical FortiGate 60E and FortiSwitch 548D and two hosts connected to VLAN10.
Have you ever arrived at a hotel to find that you are not alone on the network? In that, you can communicate with everyone else inside the same layer 2 broadcast domain? I recently found myself in a hotel where it was extremely insecure so bad the graphical user interfaces for the CCTV system were accessible to all from the guest WiFI.
This feature can stop or limit communication between hosts putting the control back in your hands and rapidly stopping lateral movement capabilities.
It's a widely used feature in hotel or operational technology deployments and a very underestimated feature that works off arp "spoofing".
// Chris SOCIAL //
/ chris-eddisford-5b676462
// Keywords //
Fortinet
Fortigate
Fortiswitch
FortiAP
Fortinet Fabric
Fortinet how to
Fortinet guide
Fortinet network security
Cybersecurity
// HashTags //
#cybersecurity
#hacking
#networking
#fortinet
#fortigate
Great video. Great explanations of use cases aswell.
Thank you what other videos would you like to see?
@@FortiBytes Explicit Web Proxy ? If you want to collaborate i'd be happy to help!
Yes let’s do something I’m weak on Explicit Web Proxy
Great info. I'm buying switches now for a pfsense network and had forgotten to even check fortinet
Yeh they really shine when you have a FortiGate at the helm! Glad you like the video .
@@FortiBytes Unfortunately I'll never be in that position. We're deploying full scale pfsense now for at least 10 years, by the time we replace our routing solution I wont be doing the installs anymore lol
Good video and good demo !
Thank you I appreciate that. What other videos would you like to see?
Would love to see a deep dive into FortiGate IPS. Topics like IPS directionality as it's applied for servers or clients, IPS signatures typically needed for your everyday Windows AD or File server, etc...
Noted I’ll make it happen within the next few videos I’ll start to desp dive into IPS. A video very soon is going to dive into tls/ssl and why its super important because I’m getting bored of seeing deep packet switched off!
Good video! In my case when i enable the proxy arp, there's no need to configure a policy because allows all traffic automaticaly. I don't want to allow all the traffic, but when i create the policy it still allows all, any suggestions?
Hi what switch and FortiOS version are you using I’ll test it! I think it might have changed between versions. Also not all switches support it.
Hi! I'm using FortiOs 7.4.3 and a Fortiswitch 448D@@FortiBytes