FortiGate II - NSE 4 - The Secured Network Deployment and IPSec VPN course, FortiOS Version 5.4.1 (SECII)


Who should attend

Networking and security professionals involved in the design, implementation, and administration of a security infrastructure using FortiGate appliances.

This course assumes knowledge of basic FortiGate fundamentals. We strongly recommend participants complete the FortiGate I course before starting this course.


  • Knowledge of OSI layers
  • Knowledge of firewalling concepts in an IPv4 network
  • A thorough knowledge of the fundamentals of FortiGate, as presented in the FortiGate I course

Course Objectives

After completing these modules, you will be able to:

  • Deploy FortiGate devices as an HA cluster for fault-tolerance and high performance
  • Inspect traffic transparently, forwarding as a Layer 2 device
  • Analyze a FortiGate's route table
  • Route packets using policy-based and static routes for multi-path and load-balance deployments
  • Connect virtual domains (VDOMs) without packets leaving the FortiGate
  • Implement a meshed / partially redundant VPN
  • Diagnose failed IKE exchanges
  • Fight hacking and denial of service (DoS)
  • Offer Fortinet Single Sign-On (FSSO) access to network services, integrated with Microsoft Active Directory
  • Inspect SSL/TLS-secured traffic to prevent encryption used to bypass security policies
  • Understand encryption functions and certificates
  • Defend against data loss by identifying files with sensitive data, and blocking them from leaving your private network
  • Diagnose and correct common problems
  • Optimize performance by leveraging the ASIC acceleration chips, such as CP or NPs, instead of only the CPU resources
  • Implement IPv6 and hybrid IPv4-IPv6 networks

Course Content

  • Routing
  • Virtual Domains
  • Transparent Mode and Layer 2 Switching
  • High Availability
  • Advanced IPsec VPN
  • Intrusion Prevention and Denial of Service
  • Fortinet Single Sign-On (FSSO)
  • Certificate Operations
  • Data Loss Prevention
  • Diagnostics
  • Hardware Acceleration
  • IPv6

Prices & Delivery methods

Classroom Training

3 days

  • on request


Currently there are no training dates scheduled for this course.