Make sure you look into some of the other videos on the channel, specially deep packet inspection as most of the traffic going through your device is encrypted so you need some additional steps to be able see into that traffic.
Yes it's much better. Huge improvement. Really enjoy the videos. Maybe for the future you could check if you could place some items that reduce the echo-ing. I think you could fabricate something with curtains/rug/pillows/whatever before you go and purchase all these expensive sound panels.
@@sn3aky-t217 I’m sat in the sound proofed room that’s designed to keep the sound inside! So it’s working against what we need here! I’m going to get some of that foamy stuff and plaster it all over the walls at some point! Thank you for the awesome feedback also!
Thank you for the video. I do have a question: Why in the case of internal traffic leaving to internet we need to apply even the IPS Signatures and Filters ? Is it just enough to enable Block Malicious URLs and Outgoing Connections to Botnet Sites ? so you can save memory and cpu ?
Hey, great question and its something that comes up quite frequency. IF you have the resources to do so then its best practice to apply IPS to outbound policys also. Sometimes malware gets inside your envrioment meaning that the traffic orginates from the inside lets use a TCP based reverse shell for example communicating back to a know C&K server.
Just to get a clarification, if for example, I am protecting a DNS server in an inter-VLAN scenario and I create a filtered IPS sensor like you described, there is no reason to enable deep packet inspection on the policy if all I have is port 53 allowed in the policy since I'm not doing DNS over TLS, correct?
Yes this is correct if your only limiting to DNS meaning all other potential exploits that might be wrapped inside tls/ssl are mitigated only leaving things specific to dns like reflection attacks. I’ll be honest I wanted to expand more on this whole deep packet discussion but the video had already massively overran! I’ll be doing a video at some point specially around deep packet inspection. There are clients out there such as programmable logic controllers in the OT space where you cannot even install a certificate to be able to do it! Thanks for reaching out!
@@FortiBytes I would love to see a video about SSL deep inspection. I notice a lot of companies struggle with it and because of the impact it gives, they are not using it. Causing blind spots. I hope you can do a video that also explains how to deal with apps/websites that don't like SSL deep inspection and also what are like the basic design/implementation routes you take before turning it on and causing a big bang.
@@sn3aky-t217Thanks for reaching out Its the next video I'm doing! (I promise). Its a complex topic that's super important and I want to ensure I hit the spot with it. The videos I have been releasing this week and the one tonight are leading up to it!
a lot of discussion prior to showing the actual tutorial, and then when showing how to create the sensor you gloss over how you actually created the sensor. I would prefer less discussion in the beginning, and a more exact route to create the sensor.
![Firewall - Fortinet - Intrusion Prevention System [IPS]](http://i.ytimg.com/vi/ffYNDI_oN6Q/mqdefault.jpg)
Fantastic....this makes me so excited to explore further and explains in a very understandable way "how things work with Fortigate"
Your very welcome lots of videos on the channel and it’s not going to stop! Let me know if there is anything specific you would like!
Very helpful examples!
Very helpful video, nice and clear, thanks.
Glad it was helpful! Your Welcome!
Thank you. that was very clear and very helpful!
You’re very welcome, checkout some of the other videos there is like 50 or something now. The FortiManager series in particular is recommended.
Golden! Thank you 😊
You’re welcome, more videos soon.
Good video. I just bought my fortigate and thought it was protecting me but it wasn't.
Make sure you look into some of the other videos on the channel, specially deep packet inspection as most of the traffic going through your device is encrypted so you need some additional steps to be able see into that traffic.
@@FortiBytes thanks, I had enabled everything but had to back it down due to certificate warnings
audio much better, much louder and clearer
Thanks Si
Yes it's much better. Huge improvement. Really enjoy the videos. Maybe for the future you could check if you could place some items that reduce the echo-ing. I think you could fabricate something with curtains/rug/pillows/whatever before you go and purchase all these expensive sound panels.
@@sn3aky-t217 I’m sat in the sound proofed room that’s designed to keep the sound inside! So it’s working against what we need here! I’m going to get some of that foamy stuff and plaster it all over the walls at some point! Thank you for the awesome feedback also!
Thank you for the video. I do have a question: Why in the case of internal traffic leaving to internet we need to apply even the IPS Signatures and Filters ? Is it just enough to enable Block Malicious URLs and Outgoing Connections to Botnet Sites ? so you can save memory and cpu ?
Hey, great question and its something that comes up quite frequency. IF you have the resources to do so then its best practice to apply IPS to outbound policys also. Sometimes malware gets inside your envrioment meaning that the traffic orginates from the inside lets use a TCP based reverse shell for example communicating back to a know C&K server.
Just to get a clarification, if for example, I am protecting a DNS server in an inter-VLAN scenario and I create a filtered IPS sensor like you described, there is no reason to enable deep packet inspection on the policy if all I have is port 53 allowed in the policy since I'm not doing DNS over TLS, correct?
Yes this is correct if your only limiting to DNS meaning all other potential exploits that might be wrapped inside tls/ssl are mitigated only leaving things specific to dns like reflection attacks. I’ll be honest I wanted to expand more on this whole deep packet discussion but the video had already massively overran! I’ll be doing a video at some point specially around deep packet inspection. There are clients out there such as programmable logic controllers in the OT space where you cannot even install a certificate to be able to do it! Thanks for reaching out!
@@FortiBytes I would love to see a video about SSL deep inspection. I notice a lot of companies struggle with it and because of the impact it gives, they are not using it. Causing blind spots. I hope you can do a video that also explains how to deal with apps/websites that don't like SSL deep inspection and also what are like the basic design/implementation routes you take before turning it on and causing a big bang.
@@sn3aky-t217Thanks for reaching out Its the next video I'm doing! (I promise). Its a complex topic that's super important and I want to ensure I hit the spot with it. The videos I have been releasing this week and the one tonight are leading up to it!
a lot of discussion prior to showing the actual tutorial, and then when showing how to create the sensor you gloss over how you actually created the sensor. I would prefer less discussion in the beginning, and a more exact route to create the sensor.
Hi 👋 ok no problem I’ll try and do more to the point technical stuff in future. Thanks for taking the time to feedback.