According to FortiGuard labs, there are three key areas that attackers are investing in, AI-based malware creation, self-learning swarms and automated malware delivery. To address these challenges, customers have told us that they need an agile platform, that supports a plug and play approach, so they can update the security infrastructure on their timetable. Most importantly allow them to automate processes as much as possible.  This is where the Fortinet Security Fabric can really help. It provides broad visibility to identify advanced attacks across the entire attack surface, integrated AI-driven security solutions that all work cohesively together to provide protection and it allows organization to achieve an automated and coordinated threat response. These are the key ingredients to building an effective breach protection strategy.

Attend this hands-on technical training workshop to learn how AI-Driven Breach Protection sandboxing and Virtual Security Analyst can break the kill chain and help protect an organization’s network.

This solution covers:

  • Detecting Zero-Day Malware with Sandboxing (FortiSandbox)
  • Sub-Second Threat Investigation and Response with AI-Powered Cybersecurity (FortiAI)
  • Deceive, Expose and Eliminate External and Internal Threats with Deception-based Breach Protection (FortiDeceptor)
  • Challenge – Defending AcmeCorp (this section has use case involving FortiGate, FortiMail, FortiSandbox, and FortiClient EMS)

In this course, you are assigned a series of do-it-yourself (DIY) configuration tasks in a virtual lab environment.

The configuration tasks cover some of the topics in the NSE 4 certification exam and include the use of the most common FortiGate features, such as firewall policies, the Fortinet Security Fabric, user authentication, SSL and IPsec VPNs, equal-cost multi-path (ECMP) routing, SD-WAN, high availability (HA), and content inspection.

This course is not a replacement for the FortiGate Security and FortiGate Infrastructure courses. 

Product Version

FortiOS 7.0

Course Duration

Labtime (estimated): 7 hours

Who Should Attend

Networking and security professionals involved in the management, configuration, administration, and monitoring of FortiGate devices used to secure their organizations' networks should attend this course.

The NSE 4 Immersion course is intended for students who have some experience operating FortiGate devices and want to refresh their skills. This course is ideal for students who have already taken the NSE 4 FortiGate Security and FortiGate Infrastructure courses, or have equivalent working experience, and want to get more hands-on lab practice before taking the NSE 4 certification exam.

Certification

The NSE 4 Immersion course helps students to reinforce the knowledge learned during the FortiGate Security and FortiGate Infrastructure courses.

The labs in this course cover a subset of the topics that are part of the NSE 4 certification. If you are preparing for the NSE 4 certification, or want to learn about other FortiGate features, Fortinet recommends that you enroll in the FortiGate Security and FortiGate Infrastructure courses first, before enrolling in the NSE4 Immersion course.

Prerequisites

You must have an understanding of the topics covered in the following courses, or have equivalent experience:

NSE 4 FortiGate Security
NSE 4 FortiGate Infrastructure

Dates & Times:

Part 1: Monday, October 31 | 1:00 PM - 5:00 PM
Part 2: Tuesday, November 1 | 8:00 AM - 12:00 PM
Part 3: Wednesday, November 2 | 8:00 AM - 12:00 PM
Part 4: Wednesday, November 2 | 1:00 PM - 5:00 PM

NSE 4 Certification Exam: Thursday, November 3 | 8:00 AM - 12:00 PM

The course "Automation, API & Scripting" will focus on different aspects of Automation. On day one the automation features that are ready-to-use inside FortiOS & FortiManager/FortiAnalyzer will be explored along with how to set up an environment for demo/testing Automation features.

Day two will take automation one step further by exploring and interacting with the API capabilities of FortiOS, FortiManager/FortiAnalyzer and FortiAuthenticator using various tools.

Day two also includes an introduction to python scripting where you'll learn how to interact with Fortinet devices using SSH and the API to explore the capabilities of automation using python scripts.

Pre-requisites:

  • NSE 4 Certification
  • Recommended:
    • Basic knowledge on FortiManager/FortiAnalyzer/FortiAuthenticator
    • Basic scripting knowledge

Requirements:

  • Students must have their own laptops (15” screen minimum)
  • Fortinet Developer Network (https://fndn.fortinet.net) account with access to FortiAPI
  • Broadband or LAN Internet connectivity
  • It’s highly recommended to have a second screen

Dates and Times:

Part 1: Tuesday, November 1 | 8:00 AM - 12:00 PM
Part 2: Wednesday, November 2 | 8:00 AM - 12:00 PM
Part 3: Wednesday, November 2 1:00 PM - 5:00 PM
Part 4: Thursday, November 3 | 8:00 AM - 12:00 PM

This cybersecurity module will explore the practical use of 3rd party (open source) and Fortinet solutions for malware analysis. Comprised of theory lessons and hands-on labs, this course will get the students to understand fundamental concepts about malware analysis, perform basic analysis using open-source tools, and leverage Fortinet solutions for advanced and automated malware analysis.

Students will work with live malware samples to analyze their characteristics and behavior Fortinet solutions and 3rd party tools.

Pre-requisites:

  • NSE 4 certification
  • Basic end-user experience with command line interfaces (Linux shell and Windows PowerShell)
  • Solid knowledge of network protocols (such as IP, TCP, UDP, HTTP, DNS, and so on)
  • Conceptual knowledge about Fortinet advanced threat protection solutions:
    • FortiSandbox
    • FortiEDR
    • FortiClient
    • FortiGate
  • Attended the following NSE training
    • NSE 5 FortiEDR
    • NSE 7 Advanced Threat Protection
  • Recommended:
    • NSE 7 Security Architect certification (passed ATP exam)
    • Hands-on experience with Fortinet advanced threat protection solutions
      • FortiSandbox
      • FortiEDR
      • FortiClient
      • FortiGate
    • Basic hands-on experience with 3rd party tools
      • Linux shell (CLI)
      • Kali Linux
      • Metasploit
      • Wireshark

Requirements:

  • Students must have their own laptops (15” screen minimum)
  • Broadband or LAN Internet connectivity
  • Updated web browser (Google Chrome recommended)
  • It is highly recommended to have a second screen

Dates and Times:

Part 1: Tuesday, November 1 | 8:00 AM - 12:00 PM
Part 2: Wednesday, November 2 | 8:00 AM - 12:00 PM
Part 3: Wednesday, November 2 1:00 PM - 5:00 PM
Part 4: Thursday, November 3 | 8:00 AM - 12:00 PM

This cybersecurity module will explore the practical use of Fortinet solutions as Threat Intelligence and Threat Hunting platforms. Comprised of theory lessons and hands-on labs, this course will get the students to understand fundamental concepts about cyber threat intelligence and how to leverage Fortinet solutions to perform Threat Intelligence management (collection, enrichment, and so on) and Threat Hunting.

Students will leverage widely adopted industry frameworks and models to comprehend how to use Threat Intelligence to understand adversary behavior and perform threat hunting in search of indicators of undetected threats that are occurring or may have occurred in the past. They will then emulate adversary behavior to reproduce certain threat scenarios and execute threat hunting activities using Fortinet solutions and 3rd party tools.

Pre-requisites

  • NSE 4 certification
  • Basic end-user experience with command line interfaces (Linux shell and Windows PowerShell)
  • Solid knowledge of network protocols (such as IP, TCP, UDP, HTTP, DNS, and so on)
  • Conceptual knowledge about Fortinet security operations solutions:
    • FortiAnalyzer
    • FortiSIEM
    • FortiSOAR
    • FortiEDR
  • Attended the following NSE training
    • NSE 5—FortiSIEM
    • NSE 5—FortiEDR
  • Recommended:
    • NSE 5 (passed FortiSIEM and FortiEDR exams)
    • NSE 7 Security Architect certification
    • Hands-on experience with Fortinet security operations solutions
      • FortiAnalyzer
      • FortiSIEM
      • FortiSOAR
      • FortiEDR
    • Basic hands-on experience with Kali Linux
      • Metasploit
      • Burp Suite
      • Browser Exploitation Framework (BeEF)

Requirements:

  • Students must have their own laptops (15” screen minimum)
  • Broadband or LAN Internet connectivity
  • Updated web browser (Google Chrome recommended)
  • It’s highly recommended to have a second screen

Dates and Times:

Part 1: Tuesday, November 1 | 8:00 AM - 12:00 PM
Part 2: Wednesday, November 2 | 8:00 AM - 12:00 PM
Part 3: Wednesday, November 2 1:00 PM - 5:00 PM
Part 4: Thursday, November 3 | 8:00 AM - 12:00 PM

In this course, you will explore the practical use of Fortinet security operations solutions to detect, investigate, and respond to Advanced Persistent Threats (APTs). Comprised of theory lessons and hands-on labs, this course will guide you to understand how to execute advanced threats, how threat actors behave, and how security operations handle such threats.

You will leverage widely adopted industry frameworks and models to comprehend advanced complex attacks (APTs) and adversary behavior. Then, you will use these foundations to build detection capabilities and emulate adversary activity.

Finally, you will go through industry guidelines for incident handling and practical utilization of Fortinet solutions to detect, analyze, and respond to the previously emulated incident.

Product Version

  • FortiSIEM 5.3.0
  • FortiSOAR 6.0.0

Who Should Attend

Security professionals involved in the architectural design, implementation, and monitoring of Fortinet SOC solutions based on FortiSOAR and FortiSIEM devices.

Dates and Times:

Part 1: Tuesday, November 1 | 8:00 AM - 12:00 PM
Part 2: Wednesday, November 2 | 8:00 AM - 12:00 PM
Part 3: Wednesday, November 2 1:00 PM - 5:00 PM
Part 4: Thursday, November 3 | 8:00 AM - 12:00 PM

In this course, you will learn the fundamentals of using FortiAnalyzer for centralized logging and reporting. You will learn how to configure and deploy FortiAnalyzer, and identify threats and attack patterns through logging, analysis, and reporting. Finally, you will examine the management of events, incidents, playbooks, and some helpful troubleshooting techniques.

Product Version

  • FortiAnalyzer 7.0.2

Who Should Attend

Anyone who is responsible for the day-to-day management of FortiAnalyzer devices and FortiGate security information.

Dates and Times:

Part 1: Tuesday, November 1 | 8:00 AM - 12:00 PM
Part 2: Wednesday, November 2 | 8:00 AM - 12:00 PM
Part 3: Wednesday, November 2 1:00 PM - 5:00 PM
Part 4: Thursday, November 3 | 8:00 AM - 12:00 PM

In this course, you will learn how to use the FortiClient EMS feature, provision FortiClient endpoints, FortiClient EMS Security Fabric integration, explore different editions of FortiClient, and deploy and configure ZTNA agent and endpoint security features. These fundamentals of the product will provide you with a solid understanding of how to deploy, manage and maintain endpoint security using FortiClient EMS products.

Product Version

  • FortiClient EMS 7.0.1
  • FortiClient 7.0
  • FortiOS 7.0.1

Who Should Attend

IT and security professionals involved in the management, configuration, and administration of FortiClient EMS endpoints used to secure devices for their organizations should attend this course. Participants should have a thorough understanding of endpoint solutions.

Certification

This course is intended to help you prepare for the FortiClient 7.0 specialist exam. This is one of the courses that prepares you to take the NSE 5 certification exam.

Prerequisites

A basic understanding of endpoint protection solutions.

Requirements:

  • Students must have their own laptops (15” screen minimum)
  • Fortinet Developer Network (https://fndn.fortinet.net) account with access to FortiAPI
  • Broadband or LAN Internet connectivity
  • It’s highly recommended to have a second screen

Dates and Times:

Part 1: Tuesday, November 1 | 8:00 AM - 12:00 PM
Part 2: Wednesday, November 2 | 8:00 AM - 12:00 PM
Part 3: Wednesday, November 2 1:00 PM - 5:00 PM
Part 4: Thursday, November 3 | 8:00 AM - 12:00 PM

In this course, you will learn the fundamentals of using FortiManager for the centralized network administration of many FortiGate devices.

In interactive labs, you will explore deployment strategies, which include single or multiple ADOMs, device registration, policy packages, shared objects, installing configuration changes, provisioning FortiManager as a local FortiGuard distribution server, and troubleshooting the features that are critical to day-to-day use after you deploy FortiManager.

Product Version

  • FortiManager 7.0.1

Who Should Attend

Anyone who is responsible for the day-to-day management of FortiGate security policies using the FortiManager platform.

Dates and Times:

Part 1: Tuesday, November 1 | 8:00 AM - 12:00 PM
Part 2: Wednesday, November 2 | 8:00 AM - 12:00 PM
Part 3: Wednesday, November 2 1:00 PM - 5:00 PM
Part 4: Thursday, November 3 | 8:00 AM - 12:00 PM

In this course, you will learn how to implement, troubleshoot, and centrally manage an enterprise security infrastructure composed of multiple FortiGate devices.

Product Version

  • FortiGate 7.0.1
  • FortiManager 7.0.1 l FortiAnalyzer 7.0.1

Dates and Times:

Part 1: Tuesday, November 1 | 8:00 AM - 12:00 PM
Part 2: Wednesday, November 2 | 8:00 AM - 12:00 PM
Part 3: Wednesday, November 2 1:00 PM - 5:00 PM
Part 4: Thursday, November 3 | 8:00 AM - 12:00 PM

In this course (formerly Secure Access), you will learn how FortiGate, FortiAP, FortiSwitch, FortiManager, and FortiAuthenticator enable secure connectivity over wired and wireless networks. You will also learn how to provision, administer, monitor, and secure network access using FortiAP, FortiSwitch, and centralized management on FortiManager.

Product Version

  • FortiGate 7.0
  • FortiAP 6.4
  • FortiSwitch 7.0
  • FortiAnalyzer 7.0
  • FortiManager 7.0
  • FortiAuthenticator 6.4

Who Should Attend

Networking and security professionals involved in the design, administration, and management of FortiGate, FortiManager, FortiAP, FortiSwitch, and Wireless Manager devices used to secure access to their organization's resources should attend this course.

Dates and Times:

Part 1: Tuesday, November 1 | 8:00 AM - 12:00 PM
Part 2: Wednesday, November 2 | 8:00 AM - 12:00 PM
Part 3: Wednesday, November 2 1:00 PM - 5:00 PM
Part 4: Thursday, November 3 | 8:00 AM - 12:00 PM

In this course, you will learn about the different components that make up the infrastructures of the top public cloud providers, and the security challenges these environments present, including high availability (HA), auto-scaling, software-defined network (SDN) connectors, and how to manage traffic in the cloud with Fortinet products.

Product Version

  • FortiGate 6.4
  • FortiWeb 6.3

Dates and Times:

Part 1: Tuesday, November 1 | 8:00 AM - 12:00 PM
Part 2: Wednesday, November 2 | 8:00 AM - 12:00 PM
Part 3: Wednesday, November 2 1:00 PM - 5:00 PM
Part 4: Thursday, November 3 | 8:00 AM - 12:00 PM

In this course, you will learn about common SD-WAN deployment scenarios using the Fortinet Secure SD-WAN solution. You will explore different situations, from a single enterprise site to multiple data center environments, that will help you to enhance and troubleshoot SD-WAN deployments.

Product Version

  • FortiOS 7.0.3
  • FortiManager 7.0.2

Dates and Times:

Part 1: Tuesday, November 1 | 8:00 AM - 12:00 PM
Part 2: Wednesday, November 2 | 8:00 AM - 12:00 PM
Part 3: Wednesday, November 2 1:00 PM - 5:00 PM
Part 4: Thursday, November 3 | 8:00 AM - 12:00 PM

This course covers the knowledge, skills, and abilities to define, design, deploy and manage Zero Trust Access using different Fortinet technologies. You will learn how to configure FortiGate, FortiClient EMS, FortiAutheticator, FortiNAC and FortiAnalyzer to secure network and application access, monitor ZTA enforcement and automate incident response. 

Who Should Attend 

Network Security Operators, Solution Architects, and Security Engineering Teams responsible for designing, operating, and drafting access policies for ZTA solutions within a network. 

Prerequisites 

You must have an understanding of the topics covered in the below courses or have equivalent experience. 

  • NSE 4 - FortiGate Security and FortiGate Infrastructure courses

  • NSE 5 – FortiAnalyzer and FortiClient EMS courses 

  • NSE 6 – FortiNAC and FortiAuthenticator courses 

  • NSE 7 – LAN Edge 

  • NSE 7 – Enterprise Firewall 

It is also recommended that you have an understanding of managing a FortiSwitch with FortiGate using FortiLink. 

Agenda 

  1. Zero Trust Access (ZTA) Overview 

  1. ZTA Components 

  1. Securing Network Access using FortiNAC 

  1. Securing Application Access with ZTNA 

  1. Expanding Secure Access with Endpoint Posture and Compliance checks 

  1. Monitoring ZTA enforcement and Automating Incident Response 

Objectives 

After completing this course, you will be able to: 

  • Understand ZTA architecture and the problems it solves 

  • Identify and review technology components required for ZTA enforcement 

  • Explore Zero Trust Network Access (ZTNA) as a component of ZTA 

  • Explain how the component systems integrate and the process workflow 

  • Set up captive portal and agents for securely onboarding devices to the corporate, guest and BYOD network 

  • Configure security policies for onboarding, compliance, and provide dynamic access based on configured criteria 

  • Configure FortiGate ZTNA with tagging rules for dynamic groups and securing application access 

  • Configure endpoint posture and compliance checks and monitor the status of connected endpoints 

  • Explain the role of a centralized logging platform (FortiAnalyzer) 

  • Explore remediation options to automate incident response for both on-net and off-net devices 

Course Duration  

2 days 

Product Versions 

FortiGate: 7.2
FortiSwitch – 7.2 
FortiAnalyzer: 7.2 
FortiClient EMS: 7.0 
FortiAuthenticator: 6.4 
FortiNAC: 9.4 
FortiMail: 7.2 

Dates and Times:

Part 1: Tuesday, November 1 | 8:00 AM - 12:00 PM
Part 2: Wednesday, November 2 | 8:00 AM - 12:00 PM
Part 3: Wednesday, November 2 1:00 PM - 5:00 PM
Part 4: Thursday, November 3 | 8:00 AM - 12:00 PM

The NSE 8 Immersion is an all-hands-on lab that students preparing for the NSE 8 practical exam can do to get an exam-like experience. Based on the previous NSE 8 practical exam, students will be tasked with completing the lab in a challenging learning environment. Fortinet products in the lab include FortiGate, FortiManager, FortiAnalyzer, FortiWeb, FortiMail, FortiADC, FortiAuthenticator and FortiSandbox. During the sessions, an NSE8 certified instructor is available for questions and to help gain knowledge in getting prepared for becoming NSE 8 certified.

Requirements:

  • Students must have their own laptops (15” screen minimum)
  • FortiClient SSLVPN client installed
  • RDP client of choice to connect to a Bastion Host

Content:

  1. Introduction to the environment (presentation)
  2. Networking (labs)
  3. Operations (labs)
  4. VPN (labs)
  5. Policies (labs)
  6. Authentication (labs)
  7. Management (labs)
  8. Advanced Technologies (labs)

Dates and Times:

Part 1: Tuesday, November 1 | 8:00 AM - 12:00 PM
Part 2: Wednesday, November 2 | 8:00 AM - 12:00 PM
Part 3: Wednesday, November 2 1:00 PM - 5:00 PM
Part 4: Thursday, November 3 | 8:00 AM - 12:00 PM