„FortiGate SSLVPN Update-Empfehlung“ weiterlesen
Update, Nov 2020:
More than a year after Fortinet described this SSLVPN vulnerability, it gets new attention. A few days ago a list of IPs and domain names of vulnerable Fortigates was published. This list is dated November 2019 and one can only hope that many of these systems have already been patched.
Two days ago, this list was extended with usernames and passwords that were exploted via this vulnerability. Even if the Fortigates have been patched – as long as the passwords have not been changed, an attacker could still use them to gain access to protected networks.
Am 11. November 2020 ist SEPPmail v12 erschienen. SEPPmail hat hierzu eine Übersicht der Neuerungen veröffentlicht, welche wir euch nicht vorenthalten möchten.
Und falls ihr es noch nicht kennt, lohnt sich auch ein Blick in das neue Onlinehandbuch: https://docs.seppmail.com„SEPPmail v12 Release Notes“ weiterlesen
There seems to be a vulnerarbility in some FortiMail versions, that allow an unauthenticated remote attacker to access the system by requesting a password change. Please refer to the FortiGuard PSIRT article.
The problem here is not only the unauthorized access to the system, but also the change of the password of all configured administrative accounts. Also, the maintainer functionality to reset the administrator password over a serial console of the FortiMail is being disabled from the attacker.„Upgrade your FortiMail now!“ weiterlesen
899 total views, 3 views today
Da die Server von www.forticlient.com gut ausgelastet waren zu beginn der Homeoffice-Zeit wegen COVID-19, haben wir unseren Resellern hier während dieser Zeit den Download des FortiClients über unsere Server ermöglicht. Dies ist unterdessen nicht mehr notwendig und daher haben wir die Links wieder entfernt. Wir Verweisen auf www.forticlient.com.
Fortinet hat übrigens aufgrund der grossen Supportanfrage zum Thema eine eigene Seite für Home-Office/Remote-Office Thematiken erstellt. Darauf sind viele Anleitungen und Videos zum Thema zu finden. Der Artikel ist hier zu finden.
2,371 total views, 3 views today
What is the problem?
AuthPoint Gateway software must be updated to the latest available version, v5.1.5 before the week of 10 October 2019. If you do not update your AuthPoint Gateway before 10 October, it is likely that all authentication will fail for your AuthPoint user base.
When must I update my AuthPoint Gateway?
If you use AuthPoint Gateway software v184.108.40.206 or lower, you must update your Gateway software to v5.1.5 as soon as possible. If you update your Gateway software before the dates referenced below, this issue will not impact you.
- For AuthPoint users in the APAC cloud region – 10 October 2019
- For AuthPoint users in the EMEA cloud region – 16 October 2019
- For AuthPoint users in the AMER cloud region – 17 October 2019
Due to several known issues, we do not yet recommend FortiOS 6.2 in productive environments.„FortiOS 6.2: Upgrade Notes“ weiterlesen
Recently we have had a few support cases where a customer was unable to log in to the firewall via WebUI after the firmware update. But SSH access worked fine.
It turned out that during the update process the server certificate used for the WebUI is lost.
Config with v6.0.4 (it does not happen with „self-signed“ only):
config system global„What’s new with FortiOS 6.2/6.0.8: Update issue with certificate for WebUI“ weiterlesen
set admin-server-cert "self-signed"
FortiOS v6.2 has been released in March this year and we are still gaining experience with this version. In this article we would like to draw you attention to the protocol which is used for FortiGuard service communication. Up to v6.0 udp has been used, with 6.2 the default protocol has changed to https.„What’s new with FortiOS 6.2: FortiGuard Requests“ weiterlesen
Watchguard is going to release Fireware version 12.5 in the next few days / weeks. From the public beta phase some new features are already known, which I would like to introduce here:
Update: Fireware 12.5 has been released.
Please check the “ What’s New in Fireware v12.5 “ presentation for detailed information.
Reverse Proxy for the Access Portal
In the Access Portal configuration, you can now configure reverse proxy actions so remote users can connect to internal web applications and Microsoft Exchange services with an external URL. With reverse proxy actions, you can give remote teams access to internal resources without the need for a VPN. Multi-factor authentication is supported as well.„WatchGuard Fireware 12.5“ weiterlesen