CIS Fortigate 7.0.x Level 1 v1.2.0

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

Audit Details

Name: CIS Fortigate 7.0.x Level 1 v1.2.0

Updated: 6/24/2024

Authority: CIS

Plugin: FortiGate

Revision: 1.3

Estimated Item Count: 32

File Details

Filename: CIS_Fortigate_7.0.x_v1.2.0_L1.audit

Size: 60.1 kB

MD5: 467710ef974ac3e09666c90a4acc899f
SHA256: 137254045fa8868a2cfa09adf7ecf4b468e2966302299bfec8bdfc0544a3cc43

Audit Items

Description
1.1 Ensure DNS server is configured
1.2 Ensure intra-zone traffic is not always allowed
1.3 Disable all management related services on WAN port
2.1.1 Ensure 'Pre-Login Banner' is set - enable
2.1.1 Ensure 'Pre-Login Banner' is set - warning message
2.1.2 Ensure 'Post-Login-Banner' is set - enable
2.1.2 Ensure 'Post-Login-Banner' is set - warning message
2.1.3 Ensure timezone is properly configured
2.1.4 Ensure correct system time is configured through NTP
2.1.5 Ensure hostname is set
2.1.10 Ensure management GUI listens on secure TLS version
2.2.1 Ensure 'Password Policy' is enabled
2.2.2 Ensure administrator password retries and lockout time are configured
2.4.1 Ensure default 'admin' password is changed
2.4.2 Ensure all the login accounts having specific trusted hosts enabled
2.4.3 Ensure admin accounts with different privileges have their correct profiles assigned
2.4.4 Ensure idle timeout time is configured
2.4.5 Ensure only encrypted access channels are enabled
2.4.6 Apply Local-in Policies
2.4.7 Ensure default Admin ports are changed
2.5.2 Ensure 'Monitor Interfaces' for High Availability devices is enabled
2.5.3 Ensure HA Reserved Management Interface is configured
3.2 Ensure that policies do not use 'ALL' as Service - ALL as Service
3.3 Ensure firewall policy denying all traffic to/from Tor, malicious server, or scanner IP addresses using ISDB
3.4 Ensure logging is enabled on all firewall policies
4.1.2 Apply IPS Security Profile to Policies
4.3.2 Ensure DNS Filter logs all DNS queries and responses
4.3.3 Apply DNS Filter Security Profile to Policies
4.4.1 Block high risk categories on Application Control
4.4.3 Ensure all Application Control related traffic is logged
4.4.4 Apply Application Control Security Profile to Policies
5.1.1 Enable Compromised Host Quarantine