Chapter 11 – Hardening

Chapter 11 – Hardening

This document describes a series of techniques used to improve the security of administrative access to a FortiGate device.


The following sections are included:

  • Install the FortiGate unit in a physically secure location
  • Maintain the firmware
  • Add new administrator accounts
  • Change the admin account name and limit access to this account
  • Only allow administrative access to the external interface when needed
  • When enabling remote access, configure Trusted Hosts and Two-factor Authentication
  • Change the default administrative port to a non-standard port
  • Modify the device name Register with support services Maintain short login timeouts
  • Enable automatic clock synchronization
  • Enable Password Policy
  • Modify administrator account Lockout Duration and Threshold values
  • Disable auto installation via USB Configure auditing and logging


Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.