Disable auto installation via USB
An attacker with a physical access to the device could load a new configuration or firmware on the FortiGate using the USB port, reinitializing the device through a power cut. To avoid this, execute the following CLI commands:
config system auto-install
set auto-install-config disable set auto-install-image disable
end
Configure auditing and logging
Audit web facing administration interfaces. By default, FortiGate logs all deny actions. You can check these actions by going to Log & Report > System Events. This default behavior should not be changed. Also secure log files in a central location such as FortiCloud and configure alert email which provides an efficient and direct method of notifying an administrator of events. You can configure log settings by going to Log & Report > Log Settings.
An auditing schedule should be established to routinely inspect logs for signs of intrusion and probing.
Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!