Fortinet NSE4_FGT-7.2 — FortiGate Firewall — Section 1: FortiGate Firewall V6.4 1 Part 31
41. Lecture-41: Security Profile File Filter.
Security profile is filed for you, as the name suggests, to filter the file. Okay, there is no body farm. You can create your own, you can edit Clonan billion instead of the same name comments and reference.
So, click on create, give them samples. While Fiorito. Okay, and this is a guy who can’t dance, you know, he is if it will skin those has been featured. We wanted to discuss this one, certainly with this one. These are the rules to create, create new. And I do know this is a common Internet filesystems, an FBI showing by email from 370. I told you already. And it will just give them any names of suppose, ABC and Traffic, either incoming and outgoing bullets or you say more traffic. Okay, we’re going to find out these are different. I to stop them, like I say, one about a guy. What would you say to find his theory solely to like GPG jsem on sale on the. I want to start this because I saw the picture one, okay? I just need to see in the Zephania and this also filed suit to towards beauty if as well.
So, these are very different. This one AC. Voir dire to block the issue in. And okay. Okay, so these five will be blunt, they’re going to weaken enamel from the air, are we here to hold you somewhere to enable it if we see if it is here on or otherwise? Well, this one we here to allow us here.
So, let me remove base and choose our file, this one, because we want to do this separately. This one. Okay, so now you say those files, which was the file name.
So, let’s go back to security profile. I just want to win this one. I need to test the fine between black.
So, exemplary is also here, okay? So, now let’s go to an inferior file.
Some people, if anything, some. Beauty of. Searching computer files to test them. Okay. And Lance. My goodness, let’s go back to this one. Yeah, that’ll Browsr. And let me go to Larcombe. Okay, and let me start, Jamie, beautify their image, even read the blog, the images Isbin. Okay, so let’s try something. Believe. I just need any bibliophile, either in my major crazy, I can download any link, by the way. Okay, so, yes, this is serious. Let’s see if they can stop me or not, by the way, it has to stop me from downloading because I told them then these people are not allowed to download beauty of the images, BNP images, GPG give.
So, anything I give them so you can control the fine as well through security, provide the file which you don’t need either. You want to stop them. Okay. And even if you say in Zeffira, be Mr.. And how did it feel to logs? And there is. Yeah, Fifita.
So, look, it’s been a year, it has been blah, because I was accessing this beauty of. You know, and you are a major Diffa to some believe so, some people believe it’s been bloody because five died was this one. And action is being blocked in the Senate where you can block any images in everything, whatever we mention here.
So, you can control everything.
So, let me go to security profile file folder and these are file filter six things we don’t deny except Jesus period of transition.
So, if you try to download this file, it will block you and you can see the result from here if you want to file a filter and it will show you the reason.
So, this this is being blocked. Okay, that’s an.
42. Lecture-42: FortiGate Firewall Inspection Mode.
First, we will do inspections more, what is inspection mode? Inspection means checking, examining something, we call them inspection. Normally, we suspect this thing is soldier our.
So, when we examine something, are we checking really for something we call them inspection? So, in. For the good firewall, we have also inspection mode to date about more we. And, you know, I told you, I will show you later if we voodoo’s policy in June. Well, I don’t want a policy and or if I run, you will say before policy is here to stay for one policy. If I said creative new there is I lift this one. I told you I will show you inspection more so when reconfiguring any policy supposedly to in. Incoming interface is the land mine my inside, it will go to win supplies and sources, anything destination is anything schedulers is all the time, so do anything each. And I want to allow this policy rather than deny.
So, after that, you will find out inspection more isn’t flawless either from Seabass.
So, to examine something, because this policy really examining is something coming from line to win and going to win.
So, there are two possibilities. Flaubert’s, which is very different than what you will find on this one floor.
So, what is floor? This base is basically taking a snapshot of the candidates, what they what is coming in this case from land to in. It will. During the first. Continues faster as far as it will go if you are using flow based and require lot resources. And check each finger. Which is sending rescue. It means that will not make fun of the whole picture to examine, but what they want is coming here to the chicken fried chicken Fadwa. Anything coming? And Smolkin told me it’s not working for me a whole year to come and examine and then farther north.
So, we call them Flaubert’s, it means they can buy bigger chicken, you can see.
So, definitely it will be faster as compared to the other one. It’s required less UV and definitely if it is like anything coming up with a drink and process with different rules require less UV in room and different, it will be faster as compared to the one. But there is a chance is. They will not Najid, each and everything means false positives and false negatives chances. Why, if somebody sent. I think it with the White House using any spyware to indicate. Meeting separately, so it will not understand them because you divide them and send them why this is so we’ll check the First Brigade and we’ll say the White House is a smart dividing them. It’s okay. Get this regard, because the whole world has been they can understand that this is a White House.
So, there is a chance his error, which we call them false positives, either false negative.
So, this is flow based, but it depends on your environment in which environment you are using and which you want to utilize and which you want to choose from these two. You want to examine the bacon with this coming from one zone and going to another zone from one interface and going to another zone. Which means you want to use, you need. Floor beside the need, the proxy base. If you have an environment like this, suppose you have applications that were in DMZ. But you need a faster response to the user. Just give me one example, there can be so many examples.
So, if you are using Flaubert’s, so the response will be faster because the first record company will check in for reduplication server and Dunwell will go forward quickly. Rather than the use of the for begin to examine the whole thing. And then forward to the implications that were there. Yes, we think. Everything is clear and David. To begin by injured in conclusion and with them so this more can floor basement, which you can find here, inspection more floor this. Sir, I have one question. Yes, I suppose we have applied one policy and we applied the profiles, also some profiles they can do at us and I think it’s coming from outside towards our server.
So, that time inspection will happen for the Antibalas profile also. Yes. Because it’s checking on the theme from here to in security profile is different thing, which we can attach to this policy that if you learn to in some ways, it can be from learning to learn as well as using. Yes.
So, from when the traffic is skimming sources, anything destination is maybe an hour Bamsey a week and give them a range of usually how we can configure them if you want to put their time in their wallet and this time only the services will be available, which said we’re still looking for the specific services as well as to you do besides the FBI to e-mail whatever you annexion you want to ask them, but inspiration more. Do you want to allow flow base? So, I mean, that doesn’t mean that it will only this Flaubert’s will lead. Just how do they know anything? You are planning the security profile. It will get like this to if somebody is in the White House is in part.
So, definitely the White House will not recognize them. You are an agent. What is provided? So, it will say, okay, just by participating, checking.
So, there is a chance in the White House can come. To your and from just like maybe in your DMZ. But is faster is I say this the only thing about the advantages of lobbies and so on and so forth, to get food is not the best. Fortinet is worth. It’s not a sprint, big fellow. No, no, no, no. Let me tell you, because we have other option. as well today will to you how it is working, because we will discuss so many more. One of them in inspection more.
So, now we’re checking your advice. Forget everything, anything, any security profile it triggered by step by step as well if you are using inspection mode like Slovis. The only advantage I can see is faster and less resources and response time will be quicker. And I give an example implication, sir, which is not more danger. And you put be flow so the user can quickly access this one and they can forward their traffic and then send. Now, coming to the other inspiration world, which is a proxy based model, is the name also suggests it’s like a proxy between the two zone interfaces. What they will do, they will say, no, no, no, no, you cannot go individually, just wait here. Let me set you for each and everything. I will take time. But I want to check you so it’s slower than the other one based, but when the whole thing could reach and examine the edge and everything, when everything is cleared as a whole, they will process them.
So, now you can go. Also in this way, they will know and you know, last time when you were doing so many are profiled, so not only sometimes I can see the better and sometimes it was not showing me the better. The guy we were using. Profiling this.
So, the flow is so in flow, but sometimes the winner was not showing they consider them, oh, I need to do this as something we did not get properly, but to summarize them and flow this normally, I did not receive the winner on time because it was checking back by some.
Sometimes they missed them, but in proximity, if I make them proxy based and this each and every which will analyze them and divide us and our growth profile, this time we will shoot the winner each and every time because are checking in later than their day in court decision. Rather than to come and go basis in proxy more inspection mode, they will examine the whole picture and then they will forward them.
So, that’s why it will show the end will generate another page properly, which was not showing us last time. Most of the time we did not assume the benefit and this way I’d done it again and again. I assure you that being a. Also in these two more some features missing in one more than Sofija is missing and the other more. It’s also a possibility.
So, then we’re making use of proxy based more if data leak prevention, either you help sensitive data, you don’t care about the speed, but you care about that and then use proxy based more.
So, you have internal e-mails, so. Either you help.
Something external, either internal and BMC, whatever it can be, any things, but you are more worried about your e-mails server that nobody can take and no virus can come inside. By any chance then make your inspection more to process you base your user will get some slowness as compared to the floor base, but it will examine each and every thing by anybody’s e-mail filtering IBSA ideas and do whatever we did last time. Each and everything will be checked one by one and then they will say, okay, now you are clean, you can go. Also datalink prevention, we also did want to check for any of that and not to go outside to your environment since their daughter.
So, in that case, it’s better to use proxy based more.
So, this is the only difference between these two and how we can do it is so simple, okay, you can create one policy separately and another one like and mudflow and and borders you proximity to. Like from Wimbledon, I make them both CBS, CBS and the resulting decision, if you want to, regarding. Maybe you are thinking that can I create another policy separately and another. Yes, now I want to create a plan to win to someone because I give them the same name, the name to win.
So, we learn to win.
Souls can be anything. Miscegenation can be anything. Just for this of it will be. And this time, I want to save Lomis and want to regard on decision what what is going in, okay? Did I leave something? Yes, okay, so one policy is a flow of low base and the other is proxy. You can do it in such a way as. It’s up to. And then depending on your. Environment and. Apology and maybe your requirement, new requirement. There is nothing to do more this the only thing Flaubert’s and. Roeg seabass. And you can just enable and disable them and you will feel the difference when you are existing in some services.
So, there is no such political dynamic and the only thing is it will flow. This will be a very faster and CBS will be in this case, it will be sad because we are losing what environment if I do something so I cannot feel the changes.
So, therefore I can show you anything. But just to tell you.
So, all of this is incredibly difficult and also is taking a snapshot, and when we can examine and this and father and proxy based will examine the whole thing, then it will forward and it will follow all living some feature capabilities and some, like some broad security profile, may be available here at work. It may not be a but inflow. This there is a list I will share with you. This is also another difference between these two. A danger. There is no such thing.