
Best practices for FortiGate firewall


The best practices for the firewall would be:

1. Limit the number of ports that are available to the public, using virtual IPs and Windows Firewall rules restricted to certain source and destination IPs.

2. Access the servers by RDP through the VPN, using the internal IP range.

3. Change passwords regularly (VPN user password, firewall admin password).

4. Limit internet access for the database server, since databases are very sensitive. Enable internet access if it is needed for security updates.

5. Use the FortiGate firewall and Windows Firewall simultaneously.

6. Make use of FortiCloud (a secure hosted log retention service).

7. Enable IPS and antivirus security profiles on firewall rules that face the public (Internet).

8. Have 2 users for firewall access (one for Readyspace and one for the customer) so that changes made can be logged.


FortiCloud is a secure cloud log retention service, needed because the FortiGate is not able to hold logs for a month. It is set up by Fortinet for users to collect logs over a longer period. It is free for 1 GB, which is more than enough to retain logs for at least a good 2 months.
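
Points 1 and 7 can be checked against a configuration backup. The script below is an added example, not part of the original article or any Fortinet tooling: it parses the `config firewall policy` block and flags accept policies entered from a WAN interface that allow source `all` or have no antivirus or IPS profile. The interface name `wan1`, the object names and the trimmed sample backup are assumptions constructed for illustration.

```python
import re, shlex

# Constructed sample of a FortiGate configuration backup (not from the page).
SAMPLE = '''
config firewall policy
    edit 1
        set srcintf "wan1"
        set srcaddr "all"
        set dstaddr "vip-web"
        set action accept
    next
    edit 2
        set srcintf "wan1"
        set srcaddr "partner-office"
        set dstaddr "vip-app"
        set action accept
        set av-profile "default"
        set ips-sensor "default"
    next
    edit 3
        set srcintf "internal"
        set srcaddr "all"
        set action accept
    next
end
'''

def parse_policies(text):
    """Map policy id -> {setting: [values]} from the 'config firewall policy' block."""
    block = re.search(r"^config firewall policy\n(.*?)^end", text, re.S | re.M)
    policies, cur = {}, None
    for line in (block.group(1) if block else "").splitlines():
        tok = shlex.split(line)  # keeps quoted object names with spaces intact
        if tok[:1] == ["edit"]:
            cur = policies.setdefault(int(tok[1]), {})
        elif tok[:1] == ["set"] and cur is not None:
            cur[tok[1]] = tok[2:]
    return policies

def audit(text, wan_ifaces=("wan1",)):
    """Return (policy_id, finding) pairs for accept policies entered from a WAN interface."""
    findings = []
    for pid, p in sorted(parse_policies(text).items()):
        if p.get("action") != ["accept"] or not set(p.get("srcintf", [])) & set(wan_ifaces):
            continue  # internal-sourced or deny policies are out of scope for this check
        if "all" in p.get("srcaddr", []):
            findings.append((pid, "source not restricted"))
        findings += [(pid, f"no {k}") for k in ("av-profile", "ips-sensor") if k not in p]
    return findings
```

Call `audit()` with the text of a real backup and the names of your internet-facing interfaces. An empty result means every inbound accept policy has a restricted source and both profiles attached.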



Updated on 17th August 2015
