I have purchased a new FortiGate 101E and it uses FortiOS 6.0.6, and before I connect it to the internet I want to disable all connections to FortiGuard servers and the Forti Distribution Network (FDN). Our environment will use manual updates for it and its services, so I have:
- Changed the DNS and the NTP (because they contain IPs which are in Fortinet)
- In FortiGuard we disabled push update and scheduled updates, improve IPS quality, override FortiGuard server.
- Disabled sending malware statistics to FortiGuard
- Disabled the submission of security rating results to FortiGuard by: set security-rating-result-submission disable
- Changed the DNS record for update.fortiguard.net to resolve to a local IP in the DNS server.
- Disabled the FortiGuard anycast.
And in the web filter and DNS I will not use the FortiGuard category-based filter; I will use a static URL filter.
I just want to make sure none of my traffic reaches FortiGuard or FDN or any of their servers before I connect it to the internet.
Appreciate your help. Thanks.
Everything you've done so far appears to be solid. You could also block UDP/8888 and HTTPS/8888. I like your approach for update.fortiguard.net. You could also include "service, securewf, usservice, ussecurewf".fortiguard.net the same way.
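One way to verify the steps discussed in this thread, as an added example that is not part of the original posts: it checks that the FortiGuard hostnames named above resolve only to local addresses on the internal DNS server, and scans traffic log lines for port 8888 sessions that were not denied. The key=value log layout, its field names and all sample data are assumptions constructed for illustration.

```python
import ipaddress
import re
import socket

# Hostnames named in the thread: update plus the four from the answer.
FORTIGUARD_HOSTS = [f"{h}.fortiguard.net" for h in
                    ("update", "service", "securewf", "usservice", "ussecurewf")]
# "Local" here means RFC 1918 or loopback; anything else (IPv6 included) is flagged.
LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def resolve(host):
    """Addresses the configured resolver returns for host (empty if none)."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(host, None)}
    except socket.gaierror:
        return set()  # no answer: nothing to connect to

def is_local(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in LOCAL_NETS)

def leaking_hosts(hosts=FORTIGUARD_HOSTS, resolver=resolve):
    """Map each host that still resolves to a non-local address to those addresses."""
    leaks = {}
    for host in hosts:
        outside = sorted(a for a in resolver(host) if not is_local(a))
        if outside:
            leaks[host] = outside
    return leaks

KV = re.compile(r'(\w+)=("[^"]*"|\S+)')

def port_8888_egress(log_lines):
    """(srcip, dstip, proto) for UDP (17) or TCP (6) sessions to port 8888 not denied."""
    hits = []
    for line in log_lines:
        f = {k: v.strip('"') for k, v in KV.findall(line)}
        if (f.get("dstport") == "8888" and f.get("proto") in ("6", "17")
                and f.get("action") != "deny"):
            hits.append((f.get("srcip"), f.get("dstip"), f["proto"]))
    return hits

# Constructed sample data, not taken from a real device.
SAMPLE_DNS = {"update.fortiguard.net": {"10.0.0.53"},
              "service.fortiguard.net": {"203.0.113.10"}}
SAMPLE_LOG = [
    'srcip=10.0.0.1 dstip=203.0.113.10 dstport=8888 proto=17 action="accept"',
    'srcip=10.0.0.1 dstip=203.0.113.10 dstport=8888 proto=6 action="deny"',
    'srcip=10.0.0.7 dstip=198.51.100.4 dstport=443 proto=6 action="accept"',
]

if __name__ == "__main__":
    print(leaking_hosts(resolver=lambda h: SAMPLE_DNS.get(h, set())))
    print(port_8888_egress(SAMPLE_LOG))
```

Calling `leaking_hosts()` with no arguments uses the machine's own resolver, so run it from a host that points at the same internal DNS server as the firewall.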