Hi all, another vulnerability – log4j – is keeping us all on our toes. «Information on Log4j Vulnerability / CVE-2021-44228» weiterlesen
In this blog article you will find information about log4j from our vendors.
We have created a combined CheatSheet for the FortiAnalyzer and FortiManager OS version 7.0. We have divided sections into FortiAnalyzer Logging, FortiAnalyzer Reporting and FortiManager to find the needed commands faster.
We hope that this will contribute to quick solutions of existing problems.
292 total views, 1 views today
Update – 10. November 2021: It seems that the server «184.108.40.206» is not in use anymore – it is «not reachable» at the moment. Please use «220.127.116.11» instead.
Blogpost – 3. November 2020:
From time to time customers noticed that the Fortigate cannot reach the Fortiguard Servers anymore.
This is displayed in the Dashboard or users are complaining that the Webfilter or DNS Filter Service is not working anymore. «FortiGuard Servers are not reachable» weiterlesen
5,793 total views, 7 views today
On Mai 2021, Let’s Encrypt issued a note about the expiration of their DST Root CA X3:
Now that this root certificate has expired (2021-09-30), your systems might issue a warning when connecting to sites using Let’s Encrypt certificates.
To fix this glitch on a general client, follow the instructions of the link above:
«Let’s Encrypt: Unexpected certificate warnings» weiterlesen
- Ensure that the involved systems trust theISRG Root X1 CA
- If such systems depend on OpenSSL, ensure that they’re using at version 1.1.0 or later
861 total views, 2 views today
Last update from 12.05.2021 at 09:40 Swiss local time: We have noticed an improvement in the situation. Some rare rating timeouts still show up from time to time, but the majority of requests are being answered correctly. Also the DNS servers are working as usual again.
We have noticed an increase of support requests regarding the FortiGuard DNS rating service (SDNS) today. Therefore we want to inform you about the following issue. «FortiGuard DNS Rating Server (SDNS) unavailable» weiterlesen
Unser letzter Beitrag zur Konfiguration einer Fortigate, um zuhause auch Swisscom TV durch die Fortigate zu bekommen, ist schon eine zeitlang her. Deswegen hier mal wieder ein aktueller Beitrag mit einer Fortigate auf FOS 7.0.0 (der auch mit 6.4.5 getestet wurde).
In diesem Beispiel hängt die Swisscom TV Box am DMZ Port der Fortigate und bezieht von dort eine DHCP Adresse, welche per DHCP Reservation fixiert wird: «Fortigate und Swisscom TV – zum dritten» weiterlesen
1,983 total views, 2 views today
Let’s mention the important things first: Please patch you vulnerable Exchange 2013, 2016 and 2019 immediately! The page msxfaq has published an infosite to this vulnerability including the instructions how to fix your Exchange.
Even though we, as Boll Engineering AG, are not associated in any way with the affected product, a lot of our customer reported, that they have vulnerable systems in place and may be affected by this bug. We have been asked if IPS signatures and WAF patches are already implemented. Therefore we decided to post this blog to raise the awareness of this vulnerability once more, even after the broad press has already published a lot of releases regarding this matter.
This blog post regards the following CVE reports: «Exchange Hafnium Vulnerability March 2021» weiterlesen
Since a while, the most recent macOS versions the system do report the use of «legacy system extensions» which is often triggered by modules or plugins of low-level software like VPN Clients, AV software etc. «FortiClient/PaloAlto Support for Catalina – «legacy system extensions» error» weiterlesen
Did you know, that on the FortiAP FAP-C24JE, the VLAN ID’s 898 and 899 are reserved for system use?
Or that the FortiAP models FAP-S221E, FAP-S223E, FAP-221E, FAP-222E, FAP-223E and FAP-224E can not work with VLAN ID 97 and 98? I’m sure you already guessed it: These ID’s are reserved for system use. «FortiAP and VLAN ID 97 or 98» weiterlesen
Because it’s very difficult to take exams at PearsonVUE right now, you may get in trouble regarding the timely recertification of existing certifications. Therefore some vendors have announced an extension for their recertification expiration:
PaloAltoNetworks is extending the certification expiration date by six month for Credential holders with expiration date between March 1, 2020 and July 31, 2020.
Fortinet is extending the certification expiration by one month so far. We assume that this extension will be extended again :-).
Update March 27th: Fortinet will extend the expiry dates of all existing NSE certifications by 6 months as of March 16th 2020 (the date of PV’s test center closures).