Every day we are made aware of new threats to our network environments. Many security companies offer solutions that should assist in decreasing your chances of receiving malicious software and viruses and the ultimate loss of production data. However, why not utilize existing features on your current network appliances rather than purchasing new software or equipment?
There are a couple of changes and items you can implement on your FortiGate device to protect your network from malware/ransomware:
- Turning on the Antivirus feature
- Block connections to botnets (malicious internet applications)
- Enable IPS (intrusion prevention system) for your inbound network traffic policies
- Sending suspicious files to the Fortinet Sandbox. (The Sandbox is a virtualized environment used by Fortinet to test suspicious files for potential malicious issues that could affect your environment. The Fortinet Sandbox is offered at an additional cost, and is usually not included with most FortiGate devices.)
Setting up Antivirus and Sandbox features
Blocking botnet applications
In addition to these features, you can also modify some of the other settings on the FortiGate to further assist with network security. In the Web Filtering options, you can block by Security Risk and block Proxy Avoidance. Also, under the Application Control settings, you can create a policy to block botnets and other known high-risk applications.
FortiGate’s website is also a great place to find a few best practices documents and links to some other technical information that may be helpful.