How to create DHCP server and a policy in the Fortigate

-
Here is an example script that demonstrates how to use the  fortigate-api  package to create a DHCP server and a policy in the Fortigate   from fortigate_api import FortigateAPI # Create a FortigateAPI object fgt = FortigateAPI(host="host", username="username", password="password") # Create a DHCP server data = {     "default-gateway": "192.168.255.1",     "netmask": "255.255.255.0",     "interface": "vlan.123",     "ip-range": [         {"start-ip": "192.168.255.2", "end-ip": "192.168.255.254",}     ], } fgt.dhcp_server.create(data) # Create a policy in the Fortigate data = dict(     name="POLICY",     status="enable",     action="accept",     srcintf=[{"name": "any"}],     dstintf=[{"name": "any"}],     srcaddr=[{"name": "all"}],     dstaddr=[{"name&quo
Post a Comment

Domain Specific Safe Usage

-

 Safe use of E-mails πŸ“©:-

1. Do not share your e-mail login credentials with others.

2. While using public / multi-user systems make sure that you always log out before leaving the system.

3. Password best practices--(Point 6 above).

4. Always verify the sender not only through names but also through email address.

5. Do not click on any attachment all link if the email address appears suspicious or untrustworthy.

6. Do not click on any link which promises you of a lottery win or unclaimed inheritance.

7. Never share your credit or debit card details; or net banking details to anyone through email.

Safe use of social media:-

1. Always use only one social media account for each problem (that is, WhatsApp Facebook Twitter Instagram, Google Plus etc).

2. Do not share your login credentials to anyone.

3. Only add and communicate to real person whom you know outside of social media through social media platforms.

4. Many of the social media platforms May actually be fake and created to extract information through social engineering.

5. Do not communicate any sensitive personal / private information of yourself and others through social media messenger or chat services.

6. Be aware of attractive profiles of the opposite sex, they may be meant to lure you into divulging personal information-do not add and communicate such profiles without verification.

Propagation of fake news through social media:-

1. Social media platforms are continuously being used for the propagation of fake news and images.

2. Do not accept any images/video or news received by social media to be true unless the genuineness has been verified by other sources.

3. Various undesirable incident of "public outrage" and "mob lynching" have happened due to the viral propagation of fake news through WhatsApp and Facebook.

4. Do not forward any controversial images / video / news without verifying its genuineness or you may be criminally liable.

Safe use of debit and credit cards:-

1. Do not share your credit / debit card commerce CVV2 code or PIN with anyone.

2. When making online payments, make sure that green padlock and https symbol are active and valid. Do not enter card details in any unverified website / application or portal.

3. When using card in ATM for POS machines, ensure that the device where the card is being used has been tampered with.

4. Always read and follow your bank guidelines on using debit or credit card.

5. Man becoming aware of any fraud transaction immediately report to bank through call and email.

6. Do not share your card pen or CVV number to anyone over call email or any other means, even if someone says that are from Bank call centre.

7. Do not share any image of your card to anyone hi friend do not store any ware as well.

8. Never write your card PIN in any piece of paper or for a transaction-neither disclosed to anyone ever anywhere.

9. In case of loss or theft of card immediately report to bank for blocking the file a complaint to policeπŸš“ as early as possible.

Safe use of Laptop πŸ’»/ πŸ“± Mobile devices:-

1. Always use genuine vendor software and operating system.

2. Always use password protection for your laptop / mobile devices.

3. Always use licensed antivirus software.

4. Do not download any software from untrusted sources.

5. Do not keep any application or software which you do not regularly used.

6. Do not give your phone / laptop for use to anyone com especially untrusted people.

7. Run virus scan your laptop / mobile on a regular basis.

8. Make sure all vendor updates to the application / software you are using is getting updated on a regular basis.

Safe and acceptable use of internet resources:-

1. Always use trusted browser like Google Chrome, Mozilla Firefox, Microsoft edge etc for web browsing.

2. Do not visit any untrusted / illegal websites.

3. Do not click on any answer located download links without confirming the content and sources.

4. Always check for genuine https and green padlock to ensure that you are not being redirect to a fake website.

5. Do not use torrent or download illegal content hi friend it is a criminal or offence.

6. Always ensure that you close and delete your browsing content when using public computer.

Comments

Post a Comment

Popular posts from this blog

How to Configure VXLAN in FortiGate Firewall

-
Image
How to Configure VXLAN in FortiGate Firewall A brief explanation of the given topology: - Ø On top of all, there are two FortiGate Firewalls with L3 connectivity in between. Ø Under Each Firewall we have one Cisco Switch with two VLAN configured i.e.;3500 & 3600 Ø Uplink for switches has been configured with 802.1Q trunk which is connected to FortiGate Firewall. Ø Each switch has two PCs connected one in VLAN 3500 & other one in 3600 VLAN. Ø We have configured VLAN and VXLAN on both the FortiGate Firewall. Ø In this topology PCs in the same VLAN will be able to communicate with each other through a L3 link using VXLAN technology and they will be encapsulated such that both the PCs will think that they are within the L2 domain.           FortiGate Firewall Configuration VXLAN Configuration: - FGT-1: config system vxlan     edit "vxlan3500"         set interface "port
Read more

Higher Availability in FortiGate and VRRP in Cisco

-
Image
  Higher Availability in FortiGate and VRRP in Cisco A brief explanation of the given topology: - Ø On top of all, there are two FortiGate Firewalls one Active other one as Standby. Ø With the Higher Availability (HA) configured for handling the Failover of active Firewall. Ø There are two CORE switches with VRRP Configuration: CORE-1 as Master and CORE-2 as Slave. Ø Between two CORE-1 and CORE-2, two links in the Port Channel have been configured. Ø SVIs and static default route toward the Firewall has been configured for LAN users. Ø Also, the DHCP server has been configured for DATA and VOICE VLANs. Ø Two Layer 2 switches with uplinks as trunk and VLANs. FortiGate Firewall Configuration HA Configuration in FortiGate Firewall: - Here I have kept by default priority i.e.; 128 for “ ACTIVE-FIREWALL ” whose role is primary and I have set 100 for the “ STANDBY-FIREWALL ” whose role is secondary.   By default, the selection process of HA in FortiGat
Read more

Python Script to take the Backup of Multiple device in a Network

-
Image
from netmiko import ConnectHandler Sw_1 = { 'device_type': 'cisco_ios', 'host': '192.168.6.10', 'username': 'admin', 'password': 'Admin@123', 'port': 22, # optional, defaults to 22 'secret': 'secret', # optional, defaults to '' } Sw_2 = { 'device_type': 'cisco_ios', 'host': '192.168.6.20', 'username': 'admin', 'password': 'Admin@123', 'port': 22, # optional, defaults to 22 'secret': 'secret', # optional, defaults to '' } Sw_3 = { 'device_type': 'cisco_ios', 'host': '192.168.6.30', 'username': 'admin', 'password': 'Admin@123', 'port': 22, # optional, defaults to 22 'secret': 'secret', # optional,
Read more