Overview and goals
<aside>
💡
Overview: This lab consists of a small network with a firewall, internal devices, and access points, all operating normally. In the cloud, however, there will be a honeypot for attackers, from which data will be logged to a SIEM.
Goal: The goal is to understand the fundamentals of aspects like:
- what it takes to make a network
- configuring policies/security features to understand where vulnerabilities in the network might occur
- configuring, hosting, and analyzing malicious data (from the honeypot) on a SIEM
- applying automation and playbooks to these malicious data signatures/alerts
</aside>
Network Diagram Layout
https://lucid.app/lucidchart/4eda7e45-f8d0-4d09-8036-470ba16d1a7f/edit?invitationId=inv_4ea74d52-4c0f-41ec-a942-7130eeb38c07&page=0_0#
Prerequisites
- FortiAP - I am using FortiAP 221E
- FortiGate - I am using FortiGate 60E
- Modem - I am using the Bell 3000 modem
- Cloud service provider - Azure
- SIEM - Azure Sentinel
- Honeypot - VM in Azure
Pages of different components
Fortinet Devices
Setting up FortiAP as standalone
Setting up FortiGate as standalone with IPsec VPN
Connect FortiGate and other devices together
Policies
Azure
Defender for Cloud
Create Honeypot VM