Information Gathering – FortiOS 5.2 Best Practices

Information gathering

It is always best practice to perform a full network audit prior to any migration. This should include:

  • Full back up of all security systems (including switches, routers) in case a back-out needs to be performed.
  • Physical and logical network diagram with visual audit Understanding exactly where cables run in the network and verifying they are all correctly labeled is essential to avoid mistakes and unnecessary downtime during the upgrade. Don’t overlook simple things such as:
  • Do I have enough spare interfaces on my switches?
  • Do I have the right fiber (single/multi mode) and right connectors (LC, FC, MTRJ, SC, ST)?
  • Do I have spare cables? (in the heat of the moment, it is simple mistake to break an RJ-45 connector or damage a fiber)
  • Do I have space in the rack for the new equipment?
  • Do I have enough power sockets?

No matter how securely a FortiGate is configured in the network, it cannot help if it has been bypassed; visually checking where the device sits in the network in relation to other devices will ensure you are maintaining security and verify the network diagram is ‘as built’. Details of all networks including subnet masks should be documented at this point to ensure that the replacement device is configured with the correct information.


Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

This entry was posted in FortiOS, FortiOS 5.2 Best Practices on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.