In a past blog post, I blogged about the various zero touch and low touch provisioning options when setting up new FortiGates. Since then, Fortinet has released FortiZTP to simplify zero touch provisioning further than … FortiZTPRead more
Author: andrewtravis
FortiGate BGP and SD-WAN
BGP and SD-WAN are like peanut butter and jelly — just better together. And given that a FortiGate has full-blown BGP routing capabilities in addition to its SD-WAN capabilities, it would make sense to use … FortiGate BGP and SD-WANRead more
FortiManager as FortiGuard Proxy
In a recent proof of concept, we needed to configure FortiManager and the FortiGates to work through a web proxy. We configured FortiManager to act as the FortiGuard proxy (or FortiGuard Distribution Server (FDS) in … FortiManager as FortiGuard ProxyRead more
Fortinet SD-WAN Lab Setup (2023 Update)
Last year, I blogged about how I had built a SD-WAN lab for FortiGate and FortiManager demos. I wanted to better illustrate Branch deployments and in 2023 I rebuilt the lab with more Branch FortiGates. … Fortinet SD-WAN Lab Setup (2023 Update)Read more
FortiDeceptor for OT Honeypots
I work with a lot of enterprise manufacturing customers and the common challenge is adequately securing Operational Technology (OT) networks. These SCADA, ICS and PLC devices responsible for building products were never designed with security … FortiDeceptor for OT HoneypotsRead more
Fortinet SD-WAN Lab Setup
As a Fortinet Systems Engineer, I will often run SD-WAN proof of concepts for my customers and have a need to create solid configs for these as well. To have this always-on lab, I utilized … Fortinet SD-WAN Lab SetupRead more
FortiGate Zero Touch Provisioning (ZTP) & Low Touch Provisioning
Joining Fortinet as a Systems Engineer, I’m 6 months in and one of the coolest ways to deploy a FortiGate firewall is one of the many Zero Touch Provisioning (ZTP) or low touch provisioning methods. … FortiGate Zero Touch Provisioning (ZTP) & Low Touch ProvisioningRead more
GIAC GCFA Preparation
Back in December I took my first forensics course: SANS FOR508. Low and behold the following week I would use those skills to perform forensics analysis on an old Solarwinds server not in use (but … GIAC GCFA PreparationRead more
Suricata Rule Updates on Corelight
We purchased a Corelight AP3000 recently to run Zeek and Suricata and send these logs to our SIEM. This was my first time running Suricata in my environment and I quickly learned that Suricata is … Suricata Rule Updates on CorelightRead more
Homebrew Temperature Monitoring
I love technology and I love to homebrew. Recently, I converted our old freezer chest to a keezer to store my homebrew kegs and commercial ones I had bought through local craft brewers. I use … Homebrew Temperature MonitoringRead more