⭕️اگر داخل ایران فورتی وب استفاده میکنید بروزرسانی فوری انجام بدید.
آسیب پذیری RCE که امروز خبر فیکس شدنش منتشر شد, طبق بررسی ها در موتور جستجوی shodan در ایران تارگت های آسیب پذیری با تعداد بالا هنوز وجود دارد.
لینک خبر
#fortinet #fortiweb
@Engineer_Computer
آسیب پذیری RCE که امروز خبر فیکس شدنش منتشر شد, طبق بررسی ها در موتور جستجوی shodan در ایران تارگت های آسیب پذیری با تعداد بالا هنوز وجود دارد.
لینک خبر
#fortinet #fortiweb
@Engineer_Computer
👍1
🛡 End-to-End Web Security Architecture: FortiWeb WAF + FortiGate in Reverse Proxy Mode
Recently completed a comprehensive lab implementation and full documentation of a production-grade web security architecture using FortiWeb as a Web Application Firewall behind FortiGate, deployed on PNETLAB with KVM-based VMs.
🔹 Traffic Flow Architecture:
Client → FortiGate (WAN/VIP) → FortiWeb (WAF Inspection) → Apache2 Real Server → Response back to Client
🔹 Key Implementation Highlights:
✅ Linux Web Server hardening with Apache2 and static IP configuration via Netplan
✅ FortiWeb interface setup across three segments (Real Server / Client-LAN / Management)
✅ Complete WAF policy chain: Virtual IP → Server Pool → Virtual Server → Server Policy
✅ FortiGate perimeter configuration with DNAT Virtual IP (100.100.100.50 → 192.168.100.50)
✅ Firewall policy with full session logging for HTTP/HTTPS/PING traffic
✅ CLI-based traffic logging activation on FortiWeb (a step many engineers miss!)
✅ End-to-end verification through Forward Traffic logs on both devices
🔹 Why Reverse Proxy Mode?
It provides deep HTTP/HTTPS inspection, granular WAF policy enforcement, and clean separation between perimeter firewalling (FortiGate) and application-layer protection (FortiWeb) — a layered defense approach aligned with Zero Trust principles.
🔹 Key Lesson Learned:
The order of WAF policy configuration matters → Virtual IP must exist before the Server Pool, which must exist before the Virtual Server, which must exist before the Server Policy. Skipping the sequence breaks the binding chain.
💼 Currently exploring new opportunities in Network & Cybersecurity Engineering — open to on-site, hybrid, or remote roles. I deliver hands-on services in network design, firewall deployment (Fortinet, Cisco), WAF implementation, ICS/OT security (IEC 62443, NIST), and infrastructure hardening.
#CyberSecurity #FortiWeb #FortiGate #WAF #NetworkSecurity #Fortinet #ReverseProxy #InfoSec #OpenToWork #NetworkEngineer #PenetrationTesting #ICS #OTSecurity
🔹 Share & Support Us 🔹
📱 Channel : @Engineer_Computer
Recently completed a comprehensive lab implementation and full documentation of a production-grade web security architecture using FortiWeb as a Web Application Firewall behind FortiGate, deployed on PNETLAB with KVM-based VMs.
🔹 Traffic Flow Architecture:
Client → FortiGate (WAN/VIP) → FortiWeb (WAF Inspection) → Apache2 Real Server → Response back to Client
🔹 Key Implementation Highlights:
✅ Linux Web Server hardening with Apache2 and static IP configuration via Netplan
✅ FortiWeb interface setup across three segments (Real Server / Client-LAN / Management)
✅ Complete WAF policy chain: Virtual IP → Server Pool → Virtual Server → Server Policy
✅ FortiGate perimeter configuration with DNAT Virtual IP (100.100.100.50 → 192.168.100.50)
✅ Firewall policy with full session logging for HTTP/HTTPS/PING traffic
✅ CLI-based traffic logging activation on FortiWeb (a step many engineers miss!)
✅ End-to-end verification through Forward Traffic logs on both devices
🔹 Why Reverse Proxy Mode?
It provides deep HTTP/HTTPS inspection, granular WAF policy enforcement, and clean separation between perimeter firewalling (FortiGate) and application-layer protection (FortiWeb) — a layered defense approach aligned with Zero Trust principles.
🔹 Key Lesson Learned:
The order of WAF policy configuration matters → Virtual IP must exist before the Server Pool, which must exist before the Virtual Server, which must exist before the Server Policy. Skipping the sequence breaks the binding chain.
💼 Currently exploring new opportunities in Network & Cybersecurity Engineering — open to on-site, hybrid, or remote roles. I deliver hands-on services in network design, firewall deployment (Fortinet, Cisco), WAF implementation, ICS/OT security (IEC 62443, NIST), and infrastructure hardening.
#CyberSecurity #FortiWeb #FortiGate #WAF #NetworkSecurity #Fortinet #ReverseProxy #InfoSec #OpenToWork #NetworkEngineer #PenetrationTesting #ICS #OTSecurity
🔹 Share & Support Us 🔹
📱 Channel : @Engineer_Computer
❤2
🔐 Fortinet Firewall Topology – Secure. Segment. Protect.
A well-designed network is the backbone of strong cybersecurity. This topology using Fortinet demonstrates how to build a secure and scalable infrastructure with proper segmentation and control.
✅ Key Highlights:
• Segmented zones: LAN (Trust), DMZ, and Management Network
• Secure remote connectivity via IPsec VPN
• Dual WAN setup for high availability and backup internet
• Controlled access policies between network zones
• Advanced security features like IPS, Web Filtering, SSL Inspection, and Application Control
🚀 Benefits:
• Enhanced security through network segmentation
• Reliable remote access for branch offices
• Centralized management and monitoring
• Improved resilience with failover internet
Strong network architecture isn’t just about connectivity—it’s about protection, performance, and control.
#CyberSecurity #Networking #Fortinet #Firewall #ITInfrastructure #NetworkSecurity #VPN #ITSupport
🔹 Share 🔹
📱 Channel : @Engineer_Computer
A well-designed network is the backbone of strong cybersecurity. This topology using Fortinet demonstrates how to build a secure and scalable infrastructure with proper segmentation and control.
✅ Key Highlights:
• Segmented zones: LAN (Trust), DMZ, and Management Network
• Secure remote connectivity via IPsec VPN
• Dual WAN setup for high availability and backup internet
• Controlled access policies between network zones
• Advanced security features like IPS, Web Filtering, SSL Inspection, and Application Control
🚀 Benefits:
• Enhanced security through network segmentation
• Reliable remote access for branch offices
• Centralized management and monitoring
• Improved resilience with failover internet
Strong network architecture isn’t just about connectivity—it’s about protection, performance, and control.
#CyberSecurity #Networking #Fortinet #Firewall #ITInfrastructure #NetworkSecurity #VPN #ITSupport
🔹 Share 🔹
📱 Channel : @Engineer_Computer
با احترام، از افراد متخصص، توانمند و باانگیزه دعوت میکنیم فرصت همکاری با دژپاد را بررسی نمایند.
فرصت همکاری در دژپاد
شرکت دژپاد در راستای توسعه تیم فنی و تخصصی خود، از افراد توانمند و متخصص برای موقعیتهای زیر دعوت به همکاری مینماید:
🔹 کارشناس شبکه و امنیت شبکه
مسلط به مفاهیم Network & Security، مباحث CCNA، تجهیزات FortiGate، پروتکلهای Layer 2 و Layer 3، فایروالهای NGFW و WAF، طراحی و مدیریت شبکههای سازمانی و عیبیابی زیرساختهای پیچیده.
🔹 کارشناس ارشد زیرساخت مجازیسازی و ذخیرهسازی
مسلط به VMware، Storage های HPE و DELL، شبکههای SAN Fabric، سرورهای HPE، راهکارهای Backup & Recovery و مدیریت و عیبیابی زیرساختهای مجازیسازی و ذخیرهسازی سازمانی.
📍 محل کار: تهران
🕒 نوع همکاری: تماموقت
📩 ارسال رزومه به ایمیل:
hr@dejpaad.com
#استخدام #فرصت_شغلی #امنیت_شبکه #زیرساخت #مجازی_سازی #Storage #VMware #Fortinet #NetworkSecurity #Infrastructure #Hiring #JobOpportunity #دژپاد #Dejpaad
🔹 Share & Support Us 🔹
📱 Channel : @Engineer_Computer
فرصت همکاری در دژپاد
شرکت دژپاد در راستای توسعه تیم فنی و تخصصی خود، از افراد توانمند و متخصص برای موقعیتهای زیر دعوت به همکاری مینماید:
🔹 کارشناس شبکه و امنیت شبکه
مسلط به مفاهیم Network & Security، مباحث CCNA، تجهیزات FortiGate، پروتکلهای Layer 2 و Layer 3، فایروالهای NGFW و WAF، طراحی و مدیریت شبکههای سازمانی و عیبیابی زیرساختهای پیچیده.
🔹 کارشناس ارشد زیرساخت مجازیسازی و ذخیرهسازی
مسلط به VMware، Storage های HPE و DELL، شبکههای SAN Fabric، سرورهای HPE، راهکارهای Backup & Recovery و مدیریت و عیبیابی زیرساختهای مجازیسازی و ذخیرهسازی سازمانی.
📍 محل کار: تهران
🕒 نوع همکاری: تماموقت
📩 ارسال رزومه به ایمیل:
hr@dejpaad.com
#استخدام #فرصت_شغلی #امنیت_شبکه #زیرساخت #مجازی_سازی #Storage #VMware #Fortinet #NetworkSecurity #Infrastructure #Hiring #JobOpportunity #دژپاد #Dejpaad
🔹 Share & Support Us 🔹
📱 Channel : @Engineer_Computer
LinkedIn
LinkedIn Login, Sign in | LinkedIn
Login to LinkedIn to keep in touch with people you know, share ideas, and build your career.
❤3
NSE Train ing FortiNet 2026.pdf
3 MB
The skills gap is real — and Fortinet's NSE program has now crossed 1.8M+ certifications issued worldwide.
Here's how the certification ladder is structured 👇
🔹 Fundamentals (NSE 1–2) — threat landscape + core concepts. A solid entry point whether your role is technical or not.
🔹 Associate / FCA (NSE 3) — hands-on FortiGate operation.
🔹 Professional / FCP (NSE 4–5) — deploy, manage & monitor across four tracks: Secure Networking, SASE, Cloud Security, and Security Operations. (NSE 4 is now the FortiOS Administrator exam.)
🔹 Solution Specialist / FCSS (NSE 6–7) — design & troubleshoot advanced solutions. The SecOps track (FortiSIEM + FortiSOAR) is gold for anyone building a SOC career.
🔹 Expert / FCX (NSE 8) — a written exam plus a 9-hour practical lab. The summit.
My takeaway: certifications don't replace experience, but a structured path keeps your learning intentional instead of scattered. If you're SOC-focused, the Security Operations tracks (FCP → FCSS) are the most direct route.
Which level are you targeting this year?
#CyberSecurity #Fortinet #NSE #BlueTeam #SOC #InfoSec #CareerDevelopment
✅ Share & Support Us 🔹
🔥 Channel : @Engineer_Computer
Please open Telegram to view this post
VIEW IN TELEGRAM