So übertragen Sie eine FortiGate Konfiguration auf ein neueres Modell

Im Laufe des Lebenszyklus von Firewalls werden diese oftmals ersetzt mit einem neueren Modell, die Konfiguration möchte man aber gerne übernehmen. Für diesen Fall gibt es verschiedene Möglichkeiten, die wir in diesem Blog Beitrag vorstellen:

1. FortiConverter Service
2. FortiConverter Tool
3. Partielle Konfigübernahme
4. Volle Konfigübernahme

English article can be found here: How to transfer a FortiGate configuration to a newer model

«So übertragen Sie eine FortiGate Konfiguration auf ein neueres Modell» weiterlesen

Performance Best Practices for Kaspersky Endpoint Security for Windows

Here you can find some recommendations how to configure protection in Kaspersky Endpoint Security for Windows and reduce the impact on the system. The original document written by Evgeniya Kirikova from Kasperksy can be downloaded here.

General recommendations

  1. Use the latest versions of Kaspersky Endpoint Security for Windows, as they contain the latest fixes and improvements, including performance related.
  2. We recommend you to use all protection components with default settings. They provide the optimal balance between protection level and performance recommended by our experts.
  3. Check KES for Windows policy and make sure that general performance settings are enabled (KES policy –> General –> Application settings):
«Performance Best Practices for Kaspersky Endpoint Security for Windows» weiterlesen

WatchGuard new Knowledge Base Articles November 2020

Each month WatchGuard publishes numerous new articles and known issues to the WatchGuard Knowledge Base. Here is the new content published in November:

Articles

Firebox Cloud supports accelerated networking in Azure

Known Issues

IKEv2 profile import fails on macOS Big Sur 11.0.1
DHCPv6 server restarts repeatedly when DHCP reservation exists
Hotspot custom logo does not load in Fireware v12.6.2
Cannot edit SD-WAN actions after you change the names of multiple external VLAN interfaces
Application Control category actions not applied correctly on 12.5.x Firebox fully managed by Management Server 12.6.x
Upgrading from Dimension 2.1.2 to Dimension 2.1.2 Update 4 fails due to lack of free disk space
Application Control category action changes to Drop after upgrade to Fireware v12.6.2
Interfaces with fixed link speeds change to 10 Mbps Half Duplex after upgrade from Fireware v12.5.4 to v12.6.2
Files load slowly through an HTTPS-proxy when content inspection is enabled with Application Control or IPS
AP125 and AP325 reboot after kernel panic message
Mobile VPN with SSL client not supported on Windows devices with ARM processors

FortiGate SSLVPN Update-Empfehlung

Update, Nov 2020:

More than a year after Fortinet described this SSLVPN vulnerability, it gets new attention. A few days ago a list of IPs and domain names of vulnerable Fortigates was published. This list is dated November 2019 and one can only hope that many of these systems have already been patched.

Two days ago, this list was extended with usernames and passwords that were exploted via this vulnerability. Even if the Fortigates have been patched – as long as the passwords have not been changed, an attacker could still use them to gain access to protected networks.

«FortiGate SSLVPN Update-Empfehlung» weiterlesen

Upgrade your FortiMail now!

There seems to be a vulnerarbility in some FortiMail versions, that allow an unauthenticated remote attacker to access the system by requesting a password change. Please refer to the FortiGuard PSIRT article.

The problem here is not only the unauthorized access to the system, but also the change of the password of all configured administrative accounts. Also, the maintainer functionality to reset the administrator password over a serial console of the FortiMail is being disabled from the attacker.

«Upgrade your FortiMail now!» weiterlesen

 1,387 total views,  1 views today

FortiClient VPN: Download Mirror

Da die Server von www.forticlient.com gut ausgelastet waren zu beginn der Homeoffice-Zeit wegen COVID-19, haben wir unseren Resellern hier während dieser Zeit den Download des FortiClients über unsere Server ermöglicht. Dies ist unterdessen nicht mehr notwendig und daher haben wir die Links wieder entfernt. Wir Verweisen auf www.forticlient.com.

Fortinet hat übrigens aufgrund der grossen Supportanfrage zum Thema eine eigene Seite für Home-Office/Remote-Office Thematiken erstellt. Darauf sind viele Anleitungen und Videos zum Thema zu finden. Der Artikel ist hier zu finden.

 2,915 total views,  2 views today

WatchGuard Authentication fails with AuthPoint Gateway lower than version 5.1.5

What is the problem?
AuthPoint Gateway software must be updated to the latest available version, v5.1.5 before the week of 10 October 2019. If you do not update your AuthPoint Gateway before 10 October, it is likely that all authentication will fail for your AuthPoint user base.

When must I update my AuthPoint Gateway?
If you use AuthPoint Gateway software v5.1.3.158 or lower, you must update your Gateway software to v5.1.5 as soon as possible. If you update your Gateway software before the dates referenced below, this issue will not impact you.

  • For AuthPoint users in the APAC cloud region – 10 October 2019
  • For AuthPoint users in the EMEA cloud region – 16 October 2019
  • For AuthPoint users in the AMER cloud region – 17 October 2019
«WatchGuard Authentication fails with AuthPoint Gateway lower than version 5.1.5» weiterlesen