Fortinet GURU
  • Fortinet GURU
  • About Me
  • Where Fortinet Is Messing Up
  • Fortinet GURU Forums
  • Consulting Services
  • FortinetGURU @ YouTube
  • Fortinet GURU
  • About Me
  • Where Fortinet Is Messing Up
  • Fortinet GURU Forums
  • Consulting Services
  • FortinetGURU @ YouTube

Category: FortiOS 6

Best Practices – Logging and reporting

Logging and reporting The default log device settings must be modified so that system performance is not compromised. The FortiGate unit, by default, has all logging of FortiGate features enabled, except for traffic logging. The default logging location will be either the FortiGate unit’s system memory or hard disk, depending […]

March 17, 2020 Administration Guides, FortiGate, FortiOS 6 No Comments

Best Practices – Using static IPs in a CAPWAP configuration

Using static IPs in a CAPWAP configuration In a large FortiAP deployment with more than 20 FortiAPs connecting to a Fortigate Wireless Controller (AC), it is recommended to use static IPs on the access points instead of DHCP, setting the AC IP statically and the AC discovery type to static […]

March 16, 2020 Administration Guides, FortiGate, FortiOS 6 No Comments

Best Practice – Wireless

Wireless The following section contains a list of best practices for wireless network configurations with regard to encryption and authentication, geographic location, network planning, power usage, client load balancing, local bridging, SSIDs, and the use of static IPs. Encryption and authentication It is best practice to always enable the strongest […]

March 15, 2020 Administration Guides, FortiGate, FortiOS 6 No Comments

Best Practice – Explicit proxy

Explicit proxy For explicit proxies, when configuring limits on the number of concurrent users, you need to allow for the number of users based on their authentication method. Otherwise you may run out of user resources prematurely. Each session-based authenticated user is counted as a single user using their authentication […]

March 14, 2020 Administration Guides, FortiGate, FortiOS 6 No Comments

Best Practices – Virtual Domains (VDOMs)

Virtual Domains (VDOMs) VDOMs can provide separate firewall policies and, in NAT/Route mode, completely separate configurations for routing and VPN services for each connected network or organization. This section provides a list of best practices for configuring VDOMs. Per-VDOM resource settings While Global resources apply to resources shared by the […]

March 13, 2020 Administration Guides, FortiGate, FortiOS 6 No Comments

Best Practices – WAN Optimization

WAN Optimization WAN Optimization features require significant memory resources and generate a high amount of I/O on disk. Before enabling WAN Optimization, ensure that the memory usage is not too high. If possible, avoid other diskintensive features such as heavy traffic logging on the same disk as the one configured […]

March 12, 2020 Administration Guides, FortiGate, FortiOS 6 No Comments

Best Practices – FGCP High Availability

FGCP High Availability Fortinet suggests the following practices related to high availability: Use Active-Active HA to distribute TCP and UTM sessions among multiple cluster units. An active-active cluster may have higher throughput than a standalone FortiGate unit or than an active-passive cluster. Use a different host name on each FortiGate […]

March 11, 2020 Administration Guides, FortiGate, FortiOS 6 No Comments

Best Practices – Networking

Networking When configuring your network, ensure that there is no ‘back door’ access to the protected network. For example, if there is a wireless access point, it must be appropriately protected with password and encryption. Be sure to also maintain an up-to-date network diagram which includes IP addressing, cabling, and […]

March 10, 2020 Administration Guides, FortiGate, FortiOS 6 No Comments

Posts navigation

1 2 … 36

Latest Videos


SD-WAN and Use Cases



Importing Policy to FortiManager



Importing Policy to FortiManager



Importing Policy to FortiManager



Don't Use FortiOS 6.2.4



FortiGate Application Control



Free Fortinet Training!



I Hate This Damn Device!


Straight From The GURU

  • Before and Afters
  • Businesss Suggestions
  • Buy Fortinet Hardware
  • Consulting Stories
  • Fortinet GURU
  • FortinetGURU Videos
  • How To
  • Network Photos
  • Personal Network
  • Questions
  • Tips and Tricks

Fortinet Documentation

  • Administration Guides
  • FortiAnalyzer
  • FortiAP
  • FortiAuthenticator
  • FortiBalancer
  • FortiBridge
  • FortiCache
  • FortiCamera
  • FortiCarrier
  • FortiClient
  • FortiCloud
  • FortiConverter
  • FortiCore
  • FortiExplorer
  • FortiExtender
  • FortiGate
  • FortiGuard
  • FortiGuard News
  • FortiHypervisor
  • FortiMail
  • FortiManager
  • Fortinet
  • Fortinet Datasheets
  • Fortinet Videos
  • FortiOS
  • FortiOS 5.2 Best Practices
  • FortiOS 5.4 Best Practices
  • FortiOS 5.4 Handbook
  • FortiOS 5.6
  • FortiPlanner
  • FortiPresence
  • FortiRecorder
  • FortiSandbox
  • FortiSIEM
  • FortiSwitch
  • FortiToken
  • FortiView
  • Fortivoice
  • FortiWAN
  • FortiWeb
  • Product Info
  • Release Notes
  • Third Party Reports
  • Vulnerabilities

Important Links

  • FortinetGuru @ Youtube
  • Buy Fortinet Hardware
  • Fortinet GURU Forums
  • Fortinet Cookbook
  • Office of The CISO

Recent Posts

  • FortiOS 6.6 Brings LTS and Mike Got Fat!
  • Collectors and Analyzers – FortiAnalyzer – FortiOS 6.2.3
  • High Availability – FortiAnalyzer – FortiOS 6.2.3
  • Two-factor authentication – FortiAnalyzer – FortiOS 6.2.3
  • Global Admin – GUI Language – Idle Timeout – FortiAnalyzer – FortiOS 6.2.3
  • Global Admin – Password Policy – FortiAnalyzer – FortiOS 6.2.3
  • Global administration settings – FortiAnalyzer – FortiOS 6.2.3
  • SAML admin authentication – FortiAnalyzer – FortiOS 6.2.3
  • Remote authentication server groups – FortiAnalyzer – FortiOS 6.2.3
  • TACACS+ servers – FortiAnalyzer – FortiOS 6.2.3
Fortinet GURU is not owned by or affiliated with Fortinet. | IT Services are provided by Plaric IT, LLC | Subscribe To The YouTube Channel!.