FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Description This article describes the steps to
configure FortiGate in order to avoid security audit check fail related
to unsecured protocol. Solution Security fabric audit checks are based on current network configuration, using real time monitoring. Security audit provides the suggestion/recommendation for current running network configuration to avoid vulnerabilities and to improve the overall security. Unsecured Protocol: HTTP, Telnet. IP access are exposed on unsecured protocol. Security audit will not run on unsecured protocol, if interfaces are not classified. All interfaces are classified as either LAN, WAN, or DMZ. For mentioning the role of interface, run the following command:
# config system interface edit <name> <----- Type interface name. set role < > <----- Specify role. ex: LAN, WAN, DMZ. end Disable http and telnet on interface config system interface edit <name> <----- Type interface name . unselect allowaccess http telnet <----- Remove HTTP telnet from allow access list . end
