top of page
Search
FortiOS Feature Explorer - Conditional DNS forwarding and translation
This topic is one that we've visited in the past by linking to my friend Manny @ InfoSecMonkey. However, the link itself has been...
Matt Sherif
Apr 34 min read
62 views
0 comments


Use Case Explorer - Nested IPSEC Cisco to FortiGate
Hoo boy! It's been a minute since I've last written, or recorded anything. 2024 was a whirlwind year, and a lot went on then. Thank you...
Matt Sherif
Feb 238 min read
168 views
0 comments


Feature Explorer - Threat Feeds
Threat feeds are helpful fabric connectors that allow you to dynamically whitelist or blacklist traffic, file hashes, and domains. In...
Matt Sherif
Dec 18, 20231 min read
379 views
0 comments
Use Case Explorer - Part 1 - On boot VPN using machine/computer certs, and post login SAML VPN
Some IT organizations like to image laptops and ship them out to remote users without having to cache user credentials. For organizations...
Matt Sherif
Apr 14, 20231 min read
1,113 views
0 comments


Use Case Explorer - Terminate SSLVPN to loopback
Terminating SSL VPN to a loopback offers a lot more flexibility by means of security, filtering and inspection. In this video we take a...
Matt Sherif
Dec 30, 20221 min read
1,282 views
0 comments


Use Case Explorer - FortiSASE Secure Private Access (SPA)
Update: As I was deploying my other spokes I realized spoke to spoke connectivity wasn't establishing, and routing correctly. I have...
Matt Sherif
Dec 23, 20222 min read
238 views
0 comments


Use Case Explorer - FortiSASE SIA
In this video we take a look at Securing Internet Access - say in lieu of DNS filtering services, or zecure internet access services....
Matt Sherif
Dec 6, 20221 min read
95 views
0 comments


FortiOS Conditional API Call using iOS Shortcuts
A colleague of mine asked a question "can you enabl/disable a policy using the FortiOS API with the iOS shortcuts app?". It turns out...
Matt Sherif
Nov 26, 20221 min read
492 views
0 comments


Things that scare you
I had a customer call me panicking that their FortiGate CPU was pegged at 100%, while sitting idle. My first question was "What firmware...
Matt Sherif
Nov 12, 20221 min read
317 views
0 comments


How To: MC-LAG with FortiGate Switch Controller
In this video we take a look at how you can set up MC-LAG on FortiGate managed FortiSwitches. Thank you for watching, I hope this helps.
Matt Sherif
Nov 9, 20221 min read
1,771 views
0 comments


UltraBit - Get Factory Default Configuration for any FortiGate
Let's say you had to prepare a configuration for a FortiGate not in your possession. Typically a good starting point is the factory...
Matt Sherif
Aug 31, 20221 min read
388 views
0 comments


Intro to FortiGate Series 3.5 - Setup Decisions part 2
In this video we follow on from the previous module, adding a high level look at VDOMs and admin accounts.
Matt Sherif
Jun 14, 20221 min read
98 views
0 comments


Intro to FortiGate Series Module 3: Setup decisions
In this video we take a look at a few setup decisions that should be made prior to putting a FortiGate into production.
Matt Sherif
Jun 14, 20221 min read
119 views
0 comments


Intro to FortiGate Series Module 2: Initial configuration
Starting where we left off in Module 1, we take a look at: Factory Reset / Log disk format WAN/LAN Addressing LAN Services (DHCP, DNS,...
Matt Sherif
May 26, 20221 min read
97 views
0 comments


Intro to FortiGate series
Fortinet has come a long way in 22 years. And as they've started to lead in the network and cybersecurity market, I wanted to create a...
Matt Sherif
May 19, 20221 min read
157 views
0 comments


UltraNote: Some Unknown Error during SAML Single Logout
In a couple of my posts I noted that the Single Logout would need to be signed, and seemed to work fine despite a message that's...
Matt Sherif
Mar 22, 20221 min read
146 views
0 comments


Implementation Guide: FortiGate SSL VPN with Okta MFA using SAML
You may be wondering didn't you already post a redirect to Kim Frellsen's blog on this? Yes, yes I did. Here's the thing though, I came...
Matt Sherif
Mar 20, 20224 min read
1,280 views
0 comments
UltraNote: AD FS SSL VPN Clock Skew
In assisting a customer with the AD FS configuration we encountered some difficulties in redirection. The particular issue looked like...
Matt Sherif
Mar 7, 20222 min read
86 views
0 comments


FortiGate SSL VPN Authentication with AD FS
Update: including steps for tunnel based VPN as well. Update 3/10: updated assumptions I am starting to think we've pretty much covered...
Matt Sherif
Feb 26, 20225 min read
2,109 views
0 comments


FortiClient Cloud - API Access
I'd first like to start off this post by wishing everyone a happy and safe new year! It's been almost 3 months since my last post, things...
Matt Sherif
Jan 24, 20223 min read
415 views
0 comments
bottom of page