Last update from 12.05.2021 at 09:40 Swiss local time: We have noticed an improvement in the situation. Some rare rating timeouts still show up from time to time, but the majority of requests are being answered correctly. Also the DNS servers are working as usual again.
We have noticed an increase of support requests regarding the FortiGuard DNS rating service (SDNS) today. Therefore we want to inform you about the following issue.
«FortiGuard DNS Rating Server (SDNS) unavailable» weiterlesen
Unser letzter Beitrag zur Konfiguration einer Fortigate, um zuhause auch Swisscom TV durch die Fortigate zu bekommen, ist schon eine zeitlang her. Deswegen hier mal wieder ein aktueller Beitrag mit einer Fortigate auf FOS 7.0.0 (der auch mit 6.4.5 getestet wurde).
In diesem Beispiel hängt die Swisscom TV Box am DMZ Port der Fortigate und bezieht von dort eine DHCP Adresse, welche per DHCP Reservation fixiert wird:
«Fortigate und Swisscom TV – zum dritten» weiterlesen
1,278 total views, 2 views today
Let’s mention the important things first: Please patch you vulnerable Exchange 2013, 2016 and 2019 immediately! The page msxfaq has published an infosite to this vulnerability including the instructions how to fix your Exchange.
Even though we, as Boll Engineering AG, are not associated in any way with the affected product, a lot of our customer reported, that they have vulnerable systems in place and may be affected by this bug. We have been asked if IPS signatures and WAF patches are already implemented. Therefore we decided to post this blog to raise the awareness of this vulnerability once more, even after the broad press has already published a lot of releases regarding this matter.
This blog post regards the following CVE reports:
«Exchange Hafnium Vulnerability March 2021» weiterlesen
The System Engineers of BOLL Engineering have been supporting Fortigate devices for 18 years. This year, FortiOS v6.4 was released and we have again gathered all the troubleshooting commands that we use regularly in our new CheatSheet.
Hopefully this CheatSheet will help you as well.
You will find the most important commands on the first page. The second page contains troubleshooting commands for problems with firewall policies and security profiles, followed by the third page with commands for network problems. The last page covers system and hardware commands and general information.
Updated to v1.1 (addition and correction for FortiToken, 11.12.2020)
2,240 total views, 4 views today
Since a while, the most recent macOS versions the system do report the use of «legacy system extensions» which is often triggered by modules or plugins of low-level software like VPN Clients, AV software etc.
«FortiClient/PaloAlto Support for Catalina – «legacy system extensions» error» weiterlesen
Did you know, that on the FortiAP FAP-C24JE, the VLAN ID’s 898 and 899 are reserved for system use?
Or that the FortiAP models FAP-S221E, FAP-S223E, FAP-221E, FAP-222E, FAP-223E and FAP-224E can not work with VLAN ID 97 and 98? I’m sure you already guessed it: These ID’s are reserved for system use.
«FortiAP and VLAN ID 97 or 98» weiterlesen
Because it’s very difficult to take exams at PearsonVUE right now, you may get in trouble regarding the timely recertification of existing certifications. Therefore some vendors have announced an extension for their recertification expiration:
PaloAltoNetworks is extending the certification expiration date by six month for Credential holders with expiration date between March 1, 2020 and July 31, 2020.
Fortinet is extending the certification expiration by one month so far. We assume that this extension will be extended again :-).
Update March 27th: Fortinet will extend the expiry dates of all existing NSE certifications by 6 months as of March 16th 2020 (the date of PV’s test center closures).
Due to several known issues, we did not recommend the use of FortiOS 6.2 in productive environments for the first couple of months.
As per FortiOS 6.2.5, we noticed that most of the issues have been resolved. Please have a look into our FortiOS upgrade guide for the upgrade procedure.
«FortiOS 6.2: Upgrade Notes» weiterlesen
Last week Fortinet has released a critical PSIRT-Advisory «Improper check for certificate revocation vulnerability»
Unfortunately the article does not give exact information regarding the background or the solution and we couldn’t find further information about the issue, either. Maybe you have more information?
«New PSIRT-Advisory from Fortinet» weiterlesen