Most Commonly Asked Fortinet Interview Questions and Answers

Q1. What type of firewall is Fortinet?

Ans

Fortinet's FortiGate next-generation firewalls (NGFW) provide organizations supreme protection against web-based network threats, including known and unknown threats and intrusion strategies.

Q2. How does Fortinet firewall work?

Ans

FortiGate firewall works by examining the data that flows in to your network and verifying if it is safe to pass through to your business. Lower specification firewalls will typically examine this data by information such as its location and source.

Q3. How configure Fortinet firewall step by step?

Ans

1. Go to Network > Interfaces. Select an interface and click Edit.
2. Enter an Alias.
3. In the Address section, enter the IP/Netmask.
4. In Administrative Access section, select the access options as needed (such as PING, HTTPS, and SSH).
5. Optionally, enable DHCP Server and configure as needed.
6. Click OK.

Q4. What is the difference between Fortinet and FortiGate?

Ans

Initially the FortiGate was a physical, rack-mounted product but later became available as a virtual appliance that could run on virtualization platforms such as VMware vSphere. Fortinet later merged its network security offerings, including firewalls, anti-spam and anti-virus software, into one product.

Q5. What is the default IP address of FortiGate firewall?

Ans

The device should respond on the default IP address 192.168. 1.99, then we can open the web-based manager with a browser using the following URL: https://192.168.1.99 . The default user ( admin ) does not require password

Q6. What is Fortinet WAF?

Ans

FortiWeb is a web application firewall (WAF) that protects web applications and APIs from attacks that target known and unknown exploits and helps maintain compliance with regulations. Using machine learning to model each application, FortiWeb defends applications from known vulnerabilities and from zero-day threats.

Q7. What is firewall throughput?

Ans

Firewall Throughput. This is typically quoted as Mbps (megabits per second) or Gbps (gigabits per second). This is the volume of traffic that can pass through the firewall at any one time.

Q8. What is difference between WAF and firewall?

Ans

A WAF protects web applications by targeting Hypertext Transfer Protocol (HTTP) traffic. This differs from a standard firewall, which provides a barrier between external and internal network traffic. A WAF sits between external users and web applications to analyze all HTTP communication.

Q9. What is UTM?

Ans

Unified threat management (UTM) is a move toward security management that allows a network administrator to monitor and manage a wide variety of security-related applications and infrastructure components through a single management console. UTM appliances not only combine firewall, gateway anti-virus, and intrusion detection and prevention capabilities into a single platform but also works within themselves interdependently just like a piece of fabric.

Q10. What is Security fabric?

Ans

Security Fabric uses FortiTelemetry to connect different security sensors and tools together to collect, coordinate, and respond to malicious behavior anywhere it occurs on the network in real-time. The core of a security fabric is an upstream FortiGate located at the edge of the network, with several FortiGates functioning as Internet Segmentation Firewalls (ISFWs).

A security fabric is used to coordinate with the behavior of other Fortinet products in the network, including FortiAnalyzer, FortiManager, FortiClient, FortiClient EMS, FortiWeb, FortiSwitch, and FortiAP.

Q11. Explain the differences between a Next-Generation Firewall and a Traditional Firewall

Ans

• The NGFW can find the identity of a user, whereas the traditional firewall can’t.
• A traditional firewall can only track the traffic based on 2 to 4 layers. The NGFW tracks the traffic through 5 to 7 layers.
• A traditional firewall only looks at the header, footer, source, and destination of the incoming packets. The NGFW will also look at the data of the incoming packet.

Q12. Explain about integrated threat management

Ans

Integrated threat management is an approach used to face malware such as blended threats, spam, etc. It protects from intrusion at both gateway and endpoint levels. It enables simplified administration by protecting from all threats for every component in a heterogeneous and integrated environment.

Q13. What do you mean by ‘Aware’ in Fortinet Security fabric?

Ans

Security Fabric provides situational awareness to management and enables continuous improvement. It will establish awareness throughout the network, which means understanding threats. It focuses on understanding the flow of data or information across the network. It controls which packet gets to where and to whom.

Q14. Explain about ‘Actionable’ in Fortinet Security Fabric

Ans

Security Fabric provides a unified view of the distributed attack surface. It has a common set of threat intelligence and centralized orchestration. So it correlates global threat intelligence with local network data and delivers actionable threat intelligence to every security device in your network.

Q15. Explain the ‘Scalable’ feature in Fortinet Fabric?

Ans

Security should be provided end-to-end at a deep inspection level. Security Fabric’s software not only scales within the environment, but it also scales seamlessly tracking data from IoT and endpoints. It protects the packet data across distributed networks from IoT to the Cloud.

Q16. What are the benefits of the Scalable feature in Fortinet Fabric?

Ans

Fortinet Security Fabric protects any organization from IoT to the Cloud. A complete security strategy needs both in-depth performances and deep inspection along with the breadth i.e. end to end. Security not only needs to scale to meet volume and performance demands, but it also needs to scale itself up laterally, seamlessly tracking and securing data from IoT and endpoints, across the distributed network and data center, and into the cloud.

Fortinet Security Fabric provides seamless, protection across the distributed enterprise, as well as inspection of packet data, application protocols, and deep analysis of unstructured content at wire speeds.

Q17. What does the security feature of Fortinet Security Fabric benefit us?

Ans

Global and local risk intelligence and lessening information can be shared across individual products to decrease time to protect. Not only does security need to include powerful security tools for the various places and functions in the network, but true visibility and control need these distinct elements to work together as an integrated security system.Fortinet’s Security Fabric behaves as a single collaborative entity from a policy and logging perspective, allowing individual product elements to share global and local risk intelligence and risk mitigation information.

Q18. What do we mean by Actionable in Fortinet Security Fabric?

Ans

Big Data cloud systems correlate risk information and network data to deliver into Actionable Threat Intelligence in real-time. It is not enough to sense bad traffic or block malware using distinct security devices. Network administrators need a common set of risk intelligence and centralized orchestration that allows the security to dynamically adapt as a risk is revealed anywhere, not just in our network, but also anywhere in the world. Fortinet’s Big Data cloud systems centralize and correlate risk information and network data and provide actionable threat intelligence to each and every single security device in the network’s security fabric in real-time.

Q19. What are the different authentication and encryption mechanisms available in Fortigate Firewall?

Ans

• WPA2 – Enterprise 802.1x/EAP
• WPA – Enterprise 802.1x/EAP
• WEP128 (26 Hexadecimal digit key)
• WEP64 (10 Hexadecimal digit key)

Q20. How we can configure FortiOS to turn on global strong encryption?

Ans

Global strong encryption means to allow only strong ciphers (AES, 3DES) and digest (SHA1) for HTTPS, SSH, and SSL/TLS. We can use the below command to configure FortiOS:

• config sys global
• set strong-crypto enable
• end

Q21. What are the points that should be considered while mounting a Fortinet firewall (hardware) in the rack?

Ans

• The room temperature should be in the range of ambient temperature defined by Original Equipment Manufacturer (OEM)
• Reliable earthing mechanism
• Adequate airflow provided for safe operation
• Adequate precautions for overcurrent and supply wiring

Q22. What are the steps that should take before each upgrade of firmware of the Fortinet firewall?

Ans

• Step 1: Back up and store old configuration.
• Step 2: Back up a copy of the old firmware executable. This is for the worst-case scenario. If something bad happens, you have an option of rollback.
• Step 3: Read the NOTE released by the manufacturer. It may contain useful information related to bug fixation, performance, etc.
• Step 4: Upgrade.

Q23. What is the FGCP cluster?

Ans

FGCP stands for FortiGate Clustering Protocol. It is a proprietary High Availability (HA) solution provided by Fortinet. Fortigate HA solution consists of a minimum of two firewalls configured for high availability operation.

Q24. What are the points that should be considered while installing/mounting a Fortinet firewall (hardware) in the rack?

Ans

• The room temperature should be in the range of ambient temperature defined by the Original Equipment Manufacturer (OEM)
• Reliable earthing mechanism
• Adequate airflow provided for safe operation
• Adequate precautions for overcurrent and supply wiring