The Different Types of Networks: A Practitioner’s Field Guide
Ask ten engineers to define "a network" and you will get ten answers that are all correct and none of...
Read MoreDemystifying FortiAuthenticator: Deploying FortiAuthenticator as an LDAP Server for Centralized FortiGate Authentication
1. Executive Summary Objective: This guide turns a FortiAuthenticator (FAC) appliance or VM into a standalone LDAP directory that other...
Read MoreNeed to know information about FortiBleed
DISCLAIMER: Please see link above for the official Fortinet response on "FortiBleed" as of this writing 20260703 FortiBleed, in short:...
Read MoreIs your FortiGate vulnerable to Management Access when using a Let’s Encrypt Certificate
The underlying assumption that Let’s Encrypt requires you to expose your FortiGate's management console or administrative GUI via plain HTTP...
Read MoreBuilding Custom Application Signatures on FortiGate
FortiGate ships with thousands of built-in application signatures, but eventually you will hit traffic it does not recognize: an internal...
Read MoreiTerm2 Deep-Dive Configuration Guide for macOS
A practitioner-grade reference for configuring iTerm2, with emphasis on the powerful and rarely-documented features that separate a default install from...
Read MoreDeploying FortiGate Dynamic Device and OS Identification for Network Visibility and Asset Inventory
1. Executive Summary Objective: This guide walks through enabling and operationalizing FortiGate's Dynamic Device and OS Identification (device detection) so...
Read MoreDemystifying Regular Expressions (Regex) in Fortinet Environments
A Comprehensive Deep Dive, Best Practices, and Ready-to-Use Cheat Sheet 1. Introduction to Regex in FortiOS Regular Expressions (Regex) are...
Read MoreDNS Demystified: Lookup, Caching, Zones, Records, and Security from End to End
1. Executive Summary Objective: This guide explains exactly how DNS resolves a name into an answer, what happens at every...
Read MoreMastering Routing Administrative Distance: A FortiGate and Multi-Vendor Engineering Guide
1. Title and Executive Summary Objective: This guide explains how administrative distance (AD) governs route selection when a router learns...
Read MoreFortiGate-to-FortiGate GRE Tunnel Deployment Guide
Overview A FortiGate can build a strictly GRE tunnel to another FortiGate with no IPsec involved. FortiOS implements Generic Routing...
Read MoreBlocking Scribd Uploads on FortiGate Using Built-In FortiGuard Controls
Customer asked us how to block scribd uploads. I figured I would write an article and share with everyone. Executive...
Read MoreFortiGate Interface and Link Types: A Practitioner’s Field Reference
Executive Summary A FortiGate is only as flexible as the interfaces you build on it. Open the Network > Interfaces...
Read MoreDeploying FortiGate Firewall Policy Disclaimers for Acceptable Use Enforcement
1. Title & Executive Summary Objective: This guide explains how to deploy and operate the FortiGate firewall policy disclaimer, the...
Read MorePower over Ethernet Standards Decoded: Matching PoE Types to the Devices That Need Them
1. Title and Executive Summary Title: Power over Ethernet Standards Decoded: Matching PoE Types to the Devices That Need Them Objective:...
Read MoreDeploying FortiGate Load Balance Health Check Monitors for High-Availability Virtual Servers
1. Executive Summary Objective: This guide documents how to build, apply, and validate Load Balance Monitors (config firewall ldb-monitor) on...
Read MoreDetecting Bettercap on the Wire: Building a Blue-Team Lab to Identify and Alert on Layer-2 MitM Activity
1. Objective This guide builds an isolated detection lab and walks through identifying the network artifacts that Bettercap and similar...
Read MoreImpacket Scripts Explained: A Practitioner’s Field Guide to the Toolkit Every Defender Should Recognize
If you have spent any time in a SOC, on a red team, or staring at a packet capture trying...
Read MoreDeploying FortiGate Public SDN Connectors for AWS: Dynamic Address Automation at Scale
1. Executive Summary Objective: This guide walks through configuring a FortiGate Public SDN (Software-Defined Networking) Connector for Amazon Web Services...
Read MoreWhat Is EVPN and VXLAN? A Practitioner’s Primer
A vendor-neutral deep dive into the control plane and the data plane that modern overlay networks are built on.* Why...
Read More