Fortigate Useful Commands

This is my personal catalog of typical troubleshooting commands I employ when dealing with FortiGate Firewalls. In contrast to Cisco, where 'show' is the universal command, Fortinet offers a range of options, including 'show,' 'get,' 'diagnose,' and 'execute,' for retrieving pertinent information. Important to remember: it is 'get router info routing-table' to see the routing …

The Hidden Risk in Zero Trust: Vendor Lock-In Through Proprietary Data Formats

Zero Trust Architecture (ZTA) has become a cornerstone of modern cybersecurity. By continuously verifying access based on dynamic data—such as user identity, device health, threat intelligence, and enterprise context—ZTA helps organizations stay resilient against evolving threats. But there's a catch. Many of the systems that store and process this critical data rely on proprietary formats and closed …

Zero Trust Use Case: Remote Access & VPN Replacement

In today’s hybrid work environment, traditional VPNs are increasingly seen as outdated and risky. They create broad network access once a user is authenticated, which can expose sensitive systems to lateral movement and insider threats. Enter Zero Trust Architecture (ZTA)—a modern approach that redefines remote access by enforcing strict, identity-based controls. Why Replace VPNs with Zero …

Zero Trust Architecture – Overview

Notes about ZeroTrust Security. WORK IN PROGRESS. What is Zero Trust?; History of ZT; Definitions, Concepts, & Components of ZT; Tenets; Design Principles; Pillars; Components & Elements; Logical Components of Zero Trust Architecture; Mapping ZTA components to SDP; CISA Zero Trust Maturity Model for the identity pillar; CISA Zero Trust Maturity Model for the networks pillar; Function: Network segmentation; Function: Network traffic management; Function: Traffic encryption; Function: Network resilience; Function: …

Fortigate Hidden drops

#!/bin/bash
# Patrick Marc Preuss (c)2021 - 2025

# Check for required environment variable
if [ -z "${SSHPASS}" ]; then
    echo "Error: Please set the SSHPASS environment variable."
    exit 127
fi

# Check for firewall argument
FW="$1"
if [ -z "${FW}" ]; then
    echo "Usage: $0 <firewall-hostname-or-IP>"
    exit 127
fi

# Timestamp for output file …

Fortigate – IPerf3

Note to myself. Looks like Fortigate changed the access to IPerf3.

FG (global) # diagnose traffictest set_pair mgmt:mgmt
Server:Client pair is mgmt:mgmt
Server CPU affinity: None
Client CPU affinity: None
Stream number: 1
Traffic protocol: TCP
Server IP address: 192.90.255.199
Server VDOM: vsys_hamgmt
Client IP address: 192.90.255.199
Client VDOM: vsys_hamgmt
FG (global) # diagnose …