Fortinet NSE4_FGT-7.2 — FortiGate Firewall — Section 1: FortiGate Firewall V6.4 1 Part 26
35. Lecture-35: FortiGate Firewall Replacement Messages.
We call it a replacement messages after a while, I will show you. Different messages, it will show you, like if they block able to show your message, but you can change the banner and you can change their sentences when you do a new banner. Maybe you want to prove that you are not alone. This is a way to scan in something, whatever you can customize them, the message and also the winner and also the buttons so you can find they’re going.
So, go to system and there is a replacement message using what is a replacement message is. When we start our security profile and they block me from something to it will show a message from here. Do you define Ben Nelson visa? This one is for email collection. This related to 42 page, the one which we will use most, like you are in blog page if I click on this one double click.
So, it will show me like this 40 yard intrusion prevention exercise blog, page, blog. If you don’t like this one, either you don’t need this logo. You can change from here. These are the exit exam in front of me. It’s like I this you can create your own bed like the one which is mentioned here with bad blood, but I don’t know if it is this one. Let me put my something so that I can show you later on.
So, is it better than you already requested. Has been blocked this one. And the message is with a bad blood type here. Eest. Keep in mind this just let me show you. Find somebody, and if you do a mistake in this manner, what you need to do, you can click on this to define what will make you the first one. I just feel for extra. You can change the way that you can change the logo. You can change the message, whatever you are. And the one which is with the green big market has been modified and the other one is using the Diffa one.
So, this one is for you on there’s one implication, control and prevention. What is the message to the White House blog message? Is this one for something extra here? It’s not flowing properly, it’s better to use the little this one it will show like this high security alert.
So, you can check, by the way, you can change the dates, you can change the bin, and you can see exactly what’s going on as well.
So, you don’t want any images. These are the images they are using logo. This one, if you don’t need it, you can replace to your one. Just click on this one. Okay, by the way, this one. Okay, so we can delete them. We can create our own new one, by the way.
So, these are the logo which you are using and the banner you can put your own logo, create new, give them anything support and upload your image, whatever you want to use. I don’t have anything right now if I suppose that it had. It will applaud, okay, Steube, because it’s is a specific. Okay, if you upload your loved one, you can you can delete and you can Sentir, let me go back to these are to manage the images which is used here. This image is, by the way, you know, this small logo. And it would be been you will see a different one here. They are also using the same one so you can manage your own husband and you can edit this one from here, either double click. These are the name which they are using, this being a description. And as you mentioned, something they are mentioned symbol of you, the extended view. It will change them to smaller and more detail. It’s the old one. Okay, so these are the Bednall, keep in mind later and now you will see these banner, then definitely will ask from where this cabinet is coming and can we modify this one? Can we show our own company logo to our user? So, yes, you can do it from replacement messages. Definitely. You can change the message to reflect my company. You did.
So, yes, you can do it from here on. These are mentioned here. I you really the network tiny little security profile. And this one is one security profile, which we will do this one.
So, this one application control, antivirus related blog, message related file blogging related message related application.
So, this one is an the extended view rather than to use a simple view. Okay.
36. Lecture-36: Security Profile Antivirus Profile.
First of all, we will do it as a profile. Endurance, as we know. Basically in the White House against the White House and White, as we discuss in first class, why this is a nothing but an implication. It’s required intubation to harm and damage your network and services should insist system. But we also discussed whams as well again and, you know, what’s what is the difference between is in one? One of them said it doesn’t matter what inactivation either. Any other implication to replicate it, replicate themselves, by the way, and then into again, don’t your network in two minute. Killing the band, so is the difference between White House and law and reality discuss progenies? Also, it looked like the best application, but when you click on them so it against spy, it can damage your network. And Swabian we already discussed again. Spy then to spy undetailed in rare means Milvia. Once again, why this is so basically this new IRS profile will change your communication against the IRS is against the one Dogen inspired Bear so nobody can go to suspicious. You are in and download these detailed. Which to basically do what is protecting you from such a type of attack, and it can be abused, your father can be executed, you will find it can be a Malaysia will be any fine. But endurance profile required a decryption policy, which we will do later in the course, because it shouldn’t be like a weapon tunnel, nobody can open them.
So, how the world will open them so far? Well, look what a transition an authorization means, a certificate so they can open the file and see for such things. Where this is one brilliant spy that if anything, they found, they will block them if you tell them to block, if, you know, monitor them.
So, they really just passing generator logs if you send no block and drop them, whatever you say.
So, endurance profile is the good one to check your communication for any activities. Spyware, malware into a virus using our little stuff, and they have a huge database of these teenagers, we just show you in, for example. A huge database of so many identities.
So, nobody can seem to disguise you are far too old to pass and download the viruses.
So, what we will lose and you will use a smart apology, this might insert System XP and all that is my net net interface and inside I will use any hostelry at any interface. This TUVE interfaces, I will assign one hundred and ninety. And Ned and Chris, you and I begin by change, it’s up to you and next home is to reach out to Lou. And we will apply in the White House to Jake.
So, let me show you some money for the for world and remember, it is this one by every interface is basically. First one is named, which I’m using for women and also for management, second is. I give them an alien semen and third one is also in Lansing, but in Demsey.
So, this is my rent and also management, this my land, and this is my Demsey right now, I only need these two Samaan I know my SOAPnet so ined here because it’s so awesome that I have one to do. But the new one I have one ninety two and sixty and one one four. And my next hope is one one four to get to my next job is one one two two.
So, I give them the basic configuration, which we know from the first day, what interfaces? So, land segment, I’m using one hundred segment, I’m losing one one four one three three, which is management as well. And when as well and Gaza right now, I’m not using. But it is to that one thing I’ll done, which you already know. And every day we are configuring interfaces. Second thing to configure a DNS ID and one one one one is faster. You can see it’s more faster than a Google DNS to always use this one. Many companies double this one now.
So, in one one two. The third thing I can figure out what I would give it to the brain interface one one folder to which I show you next to IP. And the last thing which I need foreign policy to allow each and everything.
So, let me do it by saying it’s easy. Okay, and here I give them the name alone, I’ll learn to win anything, any destination, any time any services accept them, Nedim and allow all station, it’s better to do this one. That’s it. Sumai incertain interface. Which I’m using. Reach age one down under I the same expe in the same lensink, when I went to be a changed their interface to lenses and put them in the lane even though they were deep into as well. But right now I am using Lane and I give them from the same brand when I be. I believe by maybe two, yeah, one thing to do, one sixty and one, two and one dead, hundreds for a while, I believe, just like again for me, one that under vivisect.
So, it means I can go anywhere on the Internet. And I was like, put it. It is a business. It’s really important. Otherwise you oh it will not go to any media means the internet does not work.
So, if I go to Facebook and has to work, if I go to LinkedIn because I know everything and policy.
So, nothing is stop. Okay, it’s going to Facebook and LinkedIn, but there is a website for testing purposes, EIC are European something they created this for this purpose which is related to why it is okay.
So, if I listen to what else we have started to. Because I just created a policy to allow benign Nadhum to join the. That’s why we need a security profile, not a security policy. Okay, so let me go to this Web site if it is open. Okay, so it’s open is the you see, it is something like European, something Europe anyway.
So, let me go to Don here as well, some for testing purposes.
So, let me click on this one and we’ll look at why this is working is open if I downloaded full download. Okay, so why and you want to but in the firewall and downloading this White House file. Why? Because this policy cannot stop me. This is not policy job. This is a security profiling job.
So, now I mean the security profile.
So, go to security profile. The first one is antivirus virus by default to security provider already created. One is going to be fired one. The other is for Wi-Fi. If you want to use their Diffa when it’s okay, it will block most of the stuff. These are the name come in and we are on the use if they reference mean how many times they are used and we are. You can click on this one, Inclan, the exact one, you can edit this one, and because these are very far to reconverted and you can search if you have so many. But anyway, let me create my own click on Create New to create a new antivirus profile and let me give them name. And divide us a little for. This might have little funny name coming, if you need any comment or I suppose this is. And do what a little fun. Of two two, five, five, three, two. You can dial the big white as we try to do what you need to do. If I didn’t get writer’s block them out of money to what is the difference between block and monitor, block means to block them until you drop them. You will not like before I download them. Monitor means it will generate along the, you know, here in the US, but it will not drop them monitoring. It will just generate alert that yes, there is a fire, but it will not stop the fire. Feature certain because we haven’t been this one flu outbreak, CBS intimately, where this one, it can be anything. And inspected protocols for the whole project.
So, I say it should be it should be means hypertext transfer protocol. I mentioned here to let me quickly walk through it should be means hypertext transfer protocol is something means simple mail transfer. This is even more results of our e-mail post office for two or three or four. The e-mail I have Internet message accessible to all this is also e mail protocol, not only Gmail also using this one. By messaging application program interface, this is Microsoft email services, so again, this is related to email if need be filed for which we use to transfer the file and see if it’s from an Internet file system. We using this like any application, like, you know, FPP, find one file itself, find this coming under a common Internet file system like an Internet, you will find FPP, DHT, zip file, FPP, so many things.
So, I these coming under this category. Then let’s go big, so I enable embolism to be a FPP in Syria. Then they say that Tradewinds executively an e-mail attachment is a virus if somebody are dead. If you want to know if you want Lagman, you can upload Kinzie pharmaceutically. This one year, normally we zip them in Sandvine, but if you upload something directly to your Gmail, okay, if I click on Gumbos and upload a new zip file, it will because the firewall this is the same rule that if anybody outage in our deck, any zip file sorry, EXIF also consider them as white as.
So, I’m coming so you can enable this one in the mobile malware protection, you know, your mobile phone if somebody’s using the Internet. Here, let me take it easy for you. If I go somewhere quickly, it will not work. By go to. Even more security, there will be software buildings like this one. Now you will see it will remain an error because it’s a file executable file. After a while, it was Van Neusner Nardiello.
So, you can use the same method here and also for mobile malware, malicious malware, which I told you the whole story of malware. And moves for the guard on the prevention database, if you want to use the database for the yard, which I assure you for the year before, for diversity and use external black list, if you have any external okay, you can use that one to check for any malware black list external. We will do somewhere else. Again, you can put a text file as well. Okay, look at our blog for security reasons.
So, the same thing here you can enable anyway.
So, my profile is really antivirus and okay.
Sort of to decide when I created my own. Now, how can I do this to my role to to policy and object foreign policy and the one which we created who allowed anything? Click on the one. Okay, and, Don, you will see a security profile, the first one is in Bucharest and click on this and choose your endurance profile, Dentate. But let me make a decision. This one would be inspiration. It required a certificate. Forget about me will do certificate. I know it will do me a lot of scientific evidence. Okay, either you can download the certificate and install in every system, then it will not matter. But anyway, right now we are doing security profiling to enable security profiling.
So, if anybody coming from Atlanta in voting for any services to any destination, then it will check for antivirus as well, A.J.. Which was not before. Now let’s go back and do the same exercise again. Let me refresh this page. Okay, this time maybe it will give me a certificate in this crisis. Okay, click on it was. Oh, my goodness. Do you mean we need to refresh this one either. Because when you apply them, so you have to clear the history.
So, let me open again. Okay, and if I can go to. And this one. This time it will give me a certificate because I do not download something to in is done here. Okay, so let’s do a year or two. It was oh, so I need to clear the history. Let’s go to. Billion barrels of Deardon. In your case, it will be not this one, I’m using all browser, so sometimes you can face this issue. This is due to either you have to restart the system and you have to clear your other browser data or you can use another browser is.
So, let me try. This dysprosium. Okay, so clear from the beginning, okay, it’s okay and clear them, okay? If you are using lenders, it will hopefully it will not give you because they have so many things in history and are all details when you apply new rules to area and they will give you better information on them. Okay, so let me read your. By weekend or two and then brother. It was. Okay, this is also showing me the same error after applying this rule.
So, what we can do, close the browser. Close them either need to remove all the history and detail. Okay, just wait a minute. Otherwise, I will remove the system to let me try them again for the last time, we want to advance. This time it’s okay. Okay, so now I need to go to this Web site again, the one which we visited them and we are downloading each and everything.
So, you know. And if I click on this one and hopefully it will stop me this time. Because not good will justify why this is so, and this is due to certificate alone, but it will show you that.
So, look at this, the message high security alert. I assure you, this would be an area before the messages, this one taking them from Systrom replacement messages and which is this replacement message related to antivirus.
So, if you would. White House blog message DoubleClick. Okay, no, the other one. This one.
So, this one is showing me here you are and what I’m finding out there have been changed and this one was mentioned so that I can show you the.
So, let me go to. I’m not permitted to so the man being on this one, high security under my desk and Sue. And if I go back and refresh today, it will be my test as well to prove that it’s getting all the details from the earlier demeanor, you can change them. Just mentioning me then this Web site where you are visiting these things there is a wireless and you can find out more details about this virus from this you are in because we are not using any user.
So, no user, no group, nor what, if anything.
So, it’s not like an ad download how I do if I stop by this firewall.
So, to log and report. And there is antivirus, click on antivirus and you see Revision3 die, which is being blocked because I refresh the page.
So, blood, blood and blood, which is the root of my name is here, dot com and the source type one diabetes, my expe, they were using based services. This time there is them and this detail of the file, you can click on more detail to see all the detail related to as critical what a subordinate filename was. This is the reference to see more detail related to this one and everything beside here. You can go to the board and security stuff you can find from here as well as something. It will come after a while, but anyway, it will show you come up okay. We got normalised time to say this file name. You can make them full, so it will show you more detail, this one malware detective. Okay, this disclosure of this file in precession they created and also show you here. And beside, this will do for you, you say it will be in session as as well. Because station is showing you everything anyway. It will just through the station. There is another thing because I installed the latest water down.
So, they just change a few things. You want to. I don’t I’m not used to this one. You know, I installed, what, six point for the two to the latest one to then change a view.
So, that’s why I’m also a bit confused. But anyway, that’s okay. What was his security fambly will not show here, fear is inevitable. Security laws in Victoria talk about forwarding traffic can also be refined from here is, well, okay, if I close this one so it will show me here again, you can go to more detail and see the forward traffic. But the best way is to verify it from here, either from the dashboard.
So, let’s go. If I missed something, so we apply them, okay, we create our own and we decided to visit the history of scientist who has been planned for 40 will also clearly move the Internet. I believe it was about to show you the airplane.
So, they removed the thread from here. And the new one, anyway, it’s okay from 30 to 35 from antivirus, we already test them, but this is antivirus profiling. Do our best to your security.