Detections
Analytics

Item Search

NameAudit NamePluginCategory
Fortigate - Admin password lockout >= 300 secondsTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - Admin SCP - 'disabled'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - Alert Emails - 'admin address'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

SYSTEM AND INFORMATION INTEGRITY

Fortigate - Antispam License - Not ExpiredTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - Auto backup is configured - 'FortiManager'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONTINGENCY PLANNING

Fortigate - AV License - Not ExpiredTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - Close port TCP 113 on external interfaceTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - Disable auto USB installation - 'config'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - Disable insecure services - TELNETTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - Does not use self-signed certificate - 'admin'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - Does not use self-signed certificate - 'user'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - Enable logs of failed connection attemptsTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Ensure default admin usernames are not usedTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - External Logging - 'fortianalyzer'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - External Logging - 'fortianalyzer2'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - External Logging - 'syslog3'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - External Logging - 'syslogd'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - full-second-warning-threshold <= 90%TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - HTTPS/SSH admin access strong ciphersTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - Inactivity timeout - 'console' <= 5TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - Inactivity timeout - 'console' <= 300TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - Inactivity timeout - 'global' <= 5TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - IPS database - extendedTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

SYSTEM AND INFORMATION INTEGRITY

Fortigate - Local Logging - severity 'information'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Local Logging is enabledTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Log WAN optimization messagesTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Login Banner - post-login-bannerTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - Login Banner - pre-login-bannerTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - Password Complexity - 1 lowercase letterTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - Password Complexity - 1 uppercase letterTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - Password Complexity - 4 char differenceTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - Password Complexity - at least 1 charTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - Password Complexity - length >= 8TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - Password Expiry date <= 30 daysTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - RADIUS, LDAP, or TACACS+ response wait periodTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - Require that passwords expireTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - reset-sessionless-tcp disabledTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

SYSTEM AND COMMUNICATIONS PROTECTION

Fortigate - Review the NTP server configurationTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Send malware statistics to FortiGuard 'Disabled'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - SNMP community string - 'private'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - SNMP community string - 'public'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - SNMP is enabledTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - SNMP v3 users have passwordsTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

SYSTEM AND COMMUNICATIONS PROTECTION

Fortigate - SNMP v3 uses SHA instead of MD5TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

SYSTEM AND COMMUNICATIONS PROTECTION

Fortigate - Syslog2 Logging - severity 'information'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Syslog3 Logging - severity 'information'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Syslogd Logging - severity 'information'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Use non default admin access ports - 'HTTPS'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - VPN SSL cipher suite > than 128 bitsTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - Webfilter License - Not ExpiredTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT