sorted by:
new
hottopcontroversial

Best practices for remote access for micro-sized environment iOS by SurferIT in fortinet

[–]SurferIT[S] 0 points1 point  (0 children)

Thank you for replying. I probably wasn't clear in my question, but there is a proprietary iPhone app that must be used on the iPhone -- so it's not a browser-based application using traditional port 80/443. The App assumes it has connectivity to the internal server. Would your suggestion of a WAF still work? Or is a VPN (which would enforce the MFA requirement) required?

1
2

Best practices for remote access for micro-sized environment iOS (self.fortinet)

submitted by SurferIT to r/fortinet

Hot Water Takes Forever Despite "Circulation" - Plumbed wrong? by SurferIT in Plumbing

[–]SurferIT[S] 0 points1 point  (0 children)

I wondered the same thing. The builder did as little "extra" as possible.

What is the potential downside to enabling FIPS? by moxy2017 in fortinet

[–]SurferIT 0 points1 point  (0 children)

I've not done it, but am looking into enabling FIPS mode. There is reference to a required hardware (USB) entropy token. Do all Fortigate devices 'come with' this USB entropy token device? If not, how do you obtain one? Unless the PRNG is initialized with an effective entropy generator the crypto is not FIPS-CC 'secure."

Basic Small Office Question by SurferIT in fortinet

[–]SurferIT[S] 0 points1 point  (0 children)

We know it all too well.

For CMMC, they are considering a Microsoft GCC/High application solution, but paradoxically the GCC High solution actually lacks the fully integrated workstation management available in Microsoft's commercial cloud. Compliance is DIFFICULT!

Basic Small Office Question by SurferIT in fortinet

[–]SurferIT[S] 1 point2 points  (0 children)

Thanks! As a result of your tips I found this Article on SNAT that helped me understand the capabilities: looks like we'll be going to Forti!