Course Overview
In this course, you will learn how to deploy, configure, and troubleshoot FortiWeb. You will learn key concepts of web application security, and explore protection and performance features. You will experience traffic and attack simulations that use real web applications. You will learn how to distribute the load from virtual servers to real servers, while enforcing logical parameters, inspecting flow, and securing HTTP session cookies.
Certification- This course is intended to help you prepare for the NSE 6 FortiWeb certification exam.
Who should attend
Networking and security professionals involved in the administration and support of FortiWeb.
Prerequisites
You must have an understanding of the topics covered in the following courses, or have equivalent experience:
- NSE 4 FortiGate Security
- NSE 4 FortiGate Infrastructure
It is also recommended that you have an understanding of the following topics:
- HTTP protocol
- Basic knowledge of HTML, JavaScript, and server-side dynamic page languages, such as PHP
System Requirements- If you take the online format of this class, you must use a computer that has the following:
- High-speed Internet connection
- Up-to-date web browser
- PDF viewer
- Speakers or headphones
One of the following:
- HTML 5 support or
- Up-to-date Java runtime environment (JRE) with Java plugin enabled in your web browser
You should use a wired Ethernet connection, not a Wi-Fi connection. Firewalls, including Windows Firewall or FortiClient, must allow connections to the online labs.
Course Objectives
- Define web application firewall and describe its role in the network
- Perform basic configuration and initial deployment
- Configure FortiWeb for deployment in a load balanced network environment
- Implement FortiWeb machine learning capabilities
- Configure and customize FortiWeb signatures
- Configure FortiWeb to protect against DoS and defacement attacks
- Implement SSL/TLS encryption, including inspection and offloading
- Configure user authentication and access control features
- Configure FortiWeb to ensure PCI DSS compliance of your web applications
- Configure FortiWeb to perform caching and compression tasks
- Configure FortiWeb to perform HTTP content based routing, rewriting, and redirection
- Perform basic troubleshooting of FortiWeb
Outline: FortiWeb - NSE6 (FORT-WEB)
- 1. Introduction
- 2. Basic Setup
- 3. Compliance
- 4. Authentication and Access Control
- 5. Web Application Security
- 6. DoS and Defacement
- 7. Machine Learning and Bot Detection
- 8. SSL/TLS
- 9. Application Delivery
- 10. API Protection and Bot Mitigation
- 11. Additional Configuration
- 12. Troubleshooting