Course Outline


Overview of Fortinet Security Solutions and FortiGate Firewalls

  • Preparing the system environment for FortiGate NGFW

Setting up and Configuring FortiGate Next-Generation Firewall

  • Choosing the right FortiGate NGFW hardware and software model
  • System requirements for installing FortiGate NGFW
  • Downloading core FortiGate VM deployment packages
  • Configuring FortiGate VM

Overview of Fortinet Security Fabric in Alignment with FortiGate NGFW

Overview of FortiGate Firewall Policies and Parameters

Running FortiGate NGFW in Network Address Translation (NAT) Mode

  • The difference between NAT/Route mode and transparent mode
  • Executing FortiExplorer, GUI, and CLI configuration options

Getting Started with Fundamental FortiGate Administration Tasks and Features

  • Registering security devices to Fortinet
  • Authenticating users and administrators
  • Configuring FortiGate backups using GUI and CLI
  • Upgrading or downgrading FortiGate firmware versions

Working with FortiOS for Easy FortiGate Firewall System Monitoring

Activating FortiGuard Solutions and Integrating with FortiGate NGFW

  • Introduction to relevant FortiGuard services
  • Enabling options for Internet Protocols and antivirus

Overview of Fortinet Security Fabric in FortiGate Firewall

  • Physical topology v.s. logical topology
  • Managing dynamic security updates with Fortinet Fabric connectors

Operating FortiGate Firewall Network Settings

  • Working with SD-WAN in FortiGate NGFW

Managing and Maintaining FortiGate Firewall in FortiCloud

  • Logging and monitoring FortiGate through FortiCloud activation
  • Activating the FortiGate NGFW cloud sandbox

Centralizing FortiGate Firewall Management with FortiManager

Implementing New-Generation Firewall (NGFW) Concepts and Principles with FortiGate

  • Introduction to FortiGate Firewall objects and policies

Configuring FortiGate Security Features and Administering Security Profiles

Initializing Devices with FortiGate NGFW as High Availability System

  • Configuring IP connectivity on the end-user
  • Verifying connectivity between network roles and components
  • Working with HTTP and HTTP traffic in FortiGate Firewall

Filtering Web and Application Control with FortiGate

Integrating Antivirus Systems with FortiGate Firewall

Overview of NAT Policy Implementations in FortiGate Firewall

  • Simulating system failures and checking results

Deploying Site-to-Site VPNs with FortiGate NGFW and Fortinet Tools

  • Site-to-site VPN between two FortiGate Firewalls
  • Site-to-site VPN between FortiGate Firewall and Cisco ASA Firewall

Initializing and Configuring Remote Access VPN on HQ FortiGate NGFW

Operating and Maintaining SSL VPN in FortiGate Firewall

Troubleshooting Scenarios and Methodologies for FortiGate NGFW

Summary and Conclusion


  • Knowledge of IP and other essential transport protocols
  • Understanding of security concepts across various platforms
  • Basic experience with hardware and software firewall systems


  • Security Engineers
  • System Administrators
  21 Hours


Related Courses

BeyondCorp: Implementing Zero Trust Security

 14 hours

BeyondCorp is an open source Zero Trust security framework that allows employees to work securely from any location without the need for a traditional VPN. In this instructor-led, live training, participants will learn hands-on how to set up a

Certified Lead Ethical Hacker

 35 hours

Why should you attend? The Certified Lead Ethical Hacker training course enables you to develop the necessary expertise to perform information system penetration tests by applying recognized principles, procedures and penetration testing

Network Security

 14 hours

Since all applications today heavily rely on communication and networks, there is no application security without network security. This course focuses on network security with a software security viewpoint, and discusses common network attacks

Certified Network Defender | CND

 35 hours

Certified Network Defender (CND) is a vendor-neutral, hands-on, instructor-led comprehensive network security certification training program. It is a skills-based, lab intensive program based on the security education framework and work role task


 14 hours

Zscaler is a SaaS security platform that provides a fast and secure connection between a user and any application. This instructor-led, live training (online or onsite) is aimed at systems administrators who wish to learn how to use Zscaler to

Network Security in Linux

 14 hours

During the course, participants will learn: What is denial of service attacks, Flooding, Sniffing, MIM? How to break from the network to the server? How to watch packets on the network (also running on switches)? Do you watch any

Network Security Administrator

 35 hours

Audience: System Administrators and Network Administrators as well as anyone who is interested in defensive network security technologies.  

Penetration Testing with Nmap

 14 hours

Nmap is a port scanner used for penetration and network testing. Port scanners such as Nmap, discover vulnerable communications on computer network systems. This instructor-led, live training (online or onsite) is aimed at software testers who


 14 hours

OpenVAS is an advanced open source framework which consists of several services and tools for network vulnerability scanning and management. In this instructor-led, live training, participants will learn how to use OpenVAS for network

Palo Alto Firewalls

 21 hours

Palo Alto Networks offers a platform that includes advanced firewalls and cloud extension. Palo Alto firewalls prevents malware intrusion with an automated approach that delivers consistent security. This instructor-led, live training (online or

Wireless Network and Telecom Network Security

 35 hours

Wireless and telecom network security refers the practices carried out to safeguard communication devices, terminal equipment, routing equipment, servers and Wireless devices and networks against malicious attacks.  This instructor-led, live