Fortinet GURU
  • Fortinet GURU
  • About Me
  • Where Fortinet Is Messing Up
  • Office of The CISO YouTube
  • Consulting Services
  • FortinetGURU @ YouTube
  • OCISO Podcast
  • Fortinet GURU
  • About Me
  • Where Fortinet Is Messing Up
  • Office of The CISO YouTube
  • Consulting Services
  • FortinetGURU @ YouTube
  • OCISO Podcast

Category: FortiOS 5.2 Best Practices

Logging and Reporting – FortiOS 5.2 Best Practices

Logging and reporting The default log device settings must be modified so that system performance is not compromised. The FortiGate unit, by default, has all logging of FortiGate features enabled, except for traffic logging. The default logging location will be either the FortiGate unit’s system memory or hard disk, depending […]

March 6, 2016March 6, 2016 FortiOS, FortiOS 5.2 Best Practices 13 Comments

Using Static IPs in a CAPWAP Configuration – FortiOS 5.2 Best Practices

Using static IPs in a CAPWAP configuration In a large FortiAP deployment with more than 20 FortiAPs connecting to a Fortigate Wireless Controller (AC), it is recommended to use static IPs on the access points instead of DHCP, setting the AC IP statically and the AC discovery type to static (Type […]

March 6, 2016March 6, 2016 FortiOS, FortiOS 5.2 Best Practices No Comments

Wireless – FortiOS 5.2 Best Practices

Wireless The following section contains a list of best practices for wireless network configurations with regard to encryption and authentication, geographic location, network planning, power usage, client load balancing, local bridging, SSIDs, and the use of static IPs. Encryption and authentication It is best practice to always enable the strongest […]

March 6, 2016March 6, 2016 FortiOS, FortiOS 5.2 Best Practices 1 Comment

Explicit Proxy – FortiOS 5.2 Best Practices

Explicit proxy For explicit proxies, when configuring limits on the number of concurrent users, you need to allow for the number of users based on their authentication method. Otherwise you may run out of user resources prematurely. Each session-based authenticated user is counted as a single user using their authentication […]

March 6, 2016March 6, 2016 FortiOS, FortiOS 5.2 Best Practices No Comments

Virtual Domains (VDOMS) – FortiOS 5.2 Best Practices

Virtual Domains (VDOMs) VDOMs can provide separate firewall policies and, in NAT/Route mode, completely separate configurations for routing and VPN services for each connected network or organization. This section provides a list of best practices for configuring VDOMs. Per-VDOM resource settings While Global resources apply to resources shared by the […]

March 6, 2016March 6, 2016 FortiOS, FortiOS 5.2 Best Practices No Comments

WAN Optimization – FortiOS 5.2 Best Practices

WAN Optimization WAN Optimization features require significant memory resources and generate a high amount of I/O on disk. Before enabling WAN Optimization, ensure that the memory usage is not too high. If possible, avoid other diskintensive features such as heavy traffic logging on the same disk as the one configured […]

March 6, 2016March 6, 2016 FortiOS, FortiOS 5.2 Best Practices No Comments

FGCP High Availability – FortiOS 5.2 Best Practices

FGCP High Availability Fortinet suggests the following practices related to high availability: Use Active-Active HA to distribute TCP and UTM sessions among multiple cluster units. An active-active cluster may have higher throughput than a standalone FortiGate unit or than an active-passive cluster. Use a different host name on each FortiGate […]

March 6, 2016March 6, 2016 FortiOS, FortiOS 5.2 Best Practices No Comments

Networking – FortiOS 5.2 Best Practices

Networking When configuring your network, ensure that there is no ‘back door’ access to the protected network. For example, if there is a wireless access point, it must be appropriately protected with password and encryption. Be sure to also maintain an up-to-date network diagram which includes IP addressing, cabling, and […]

March 6, 2016March 6, 2016 FortiOS, FortiOS 5.2 Best Practices No Comments

Posts navigation

1 2 … 4

Latest Videos


How To Get Into Cybersecurity



FortiOS 7 Features I am Excited About



FortiOS 7 Features I am Excited About



One Way VOIP Audio Quick Fix



SD-WAN and Use Cases



Importing Policy to FortiManager



Importing Policy to FortiManager



Importing Policy to FortiManager



Don't Use FortiOS 6.2.4



FortiGate Application Control



Free Fortinet Training!


Straight From The GURU

  • Before and Afters
  • Businesss Suggestions
  • Buy Fortinet Hardware
  • Consulting Stories
  • Fortinet GURU
  • FortinetGURU Videos
  • How To
  • Network Photos
  • Personal Network
  • Questions
  • Tips and Tricks

Fortinet Documentation

  • Administration Guides
  • FortiAnalyzer
  • FortiAP
  • FortiAuthenticator
  • FortiBalancer
  • FortiBridge
  • FortiCache
  • FortiCamera
  • FortiCarrier
  • FortiClient
  • FortiCloud
  • FortiConverter
  • FortiCore
  • FortiExplorer
  • FortiExtender
  • FortiGate
  • FortiGuard
  • FortiGuard News
  • FortiHypervisor
  • FortiMail
  • FortiManager
  • Fortinet
  • Fortinet Datasheets
  • Fortinet Videos
  • FortiOS
  • FortiOS 5.2 Best Practices
  • FortiOS 5.4 Best Practices
  • FortiOS 5.4 Handbook
  • FortiOS 5.6
  • FortiPlanner
  • FortiPresence
  • FortiRecorder
  • FortiSandbox
  • FortiSIEM
  • FortiSwitch
  • FortiToken
  • FortiView
  • Fortivoice
  • FortiWAN
  • FortiWeb
  • Product Info
  • Release Notes
  • Third Party Reports
  • Vulnerabilities

Important Links

  • FortinetGuru @ Youtube
  • Fortinet Cookbook
  • Office of The CISO

Recent Posts

  • What Features Do You Want In FortiOS?
  • FortiOS 7 Features I am Excited About
  • FortiOS 6.6 Brings LTS and Mike Got Fat!
  • Collectors and Analyzers – FortiAnalyzer – FortiOS 6.2.3
  • High Availability – FortiAnalyzer – FortiOS 6.2.3
  • Two-factor authentication – FortiAnalyzer – FortiOS 6.2.3
  • Global Admin – GUI Language – Idle Timeout – FortiAnalyzer – FortiOS 6.2.3
  • Global Admin – Password Policy – FortiAnalyzer – FortiOS 6.2.3
  • Global administration settings – FortiAnalyzer – FortiOS 6.2.3
  • SAML admin authentication – FortiAnalyzer – FortiOS 6.2.3
Fortinet GURU is not owned by or affiliated with Fortinet. | Cybersecurity Definitions and Terms INFOSEC Dictionary | Subscribe To The YouTube Channel!.
If you are in Montgomery Alabama there is always someone to talk to in relation to Montgomery Psychiatry.