
FT- FortiNDR

FortiNDR On-Premises Administrator


Price: USD 950 exc. VAT.

Duration: 1 Day


Prerequisites

• You must have knowledge of networking and cybersecurity, and basic experience working with FortiGate and the Fortinet Security Fabric.

It is also recommended that you have an understanding of the topics covered in the FCP - FortiGate Administrator course.

What you’ll learn in this course

In this course, you will learn how to administer, manage, and troubleshoot an on-premises FortiNDR deployment. You will explore different use cases and discover the various source feeds of FortiNDR. You will learn how it integrates within the Fortinet Security Fabric and collaborates with other products to enhance malware detection and enforce automatic response.

You will also explore the various features on FortiNDR that provide administrators with a broad picture of the detected anomalies and aid with forensic analysis.

Course Objectives

• Describe how FortiNDR can protect your network
• Describe the FortiNDR operating modes
• Describe how FortiNDR monitors network traffic
• Describe how FortiNDR interacts with other Fortinet or third-party products
• Describe how FortiNDR can scan network share drives
• Access FortiNDR GUI menus, CLI commands, and perform initial configuration tasks
• Analyze network insight information on detected attacks
• Manage false positive detection
• Analyze attack scenarios, timelines, and host stories
• Identify network outbreaks and assess network damage
• Configure static filters and NDR muting rules
• Configure Windows AD integration for device enrichment
• Analyze various logs on FortiNDR
• Integrate FortiNDR in Fortinet Security Fabric
• Describe how FortiNDR triggers responses
• Configure enforcement rules
• Configure automated actions
• Configure various FortiNDR integration modes
• Integrate FortiNDR with FortiMail and FortiSandbox
• Configure the logs and reports available on FortiNDR
• Generate FortiNDR reports (FortiAnalyzer/FortiSIEM)
• Configure ICAP integration
• Explain FortiNDR API capabilities
• Configure and analyze NetFlow logs and dashboards
• Configure device enrichment and remote authentication
• Configure network share scanning and quarantining
• Analyze network share scan results

Course Outline

1. Introduction
2. Malware Detection and Security Analysis
3. Security Fabric Integration and Fortinet Ecosystem
4. Third-Party Inputs

Further information

If you would like to know more about this course, please contact us.

Schedule
For dates in South Africa and Africa region 