FortinetFortinet 11 FortiWeb 5.0 Patch 6 Administration Guide
Fine-tuning & best practices....................................................................... 608Hardening security............................................................................................... 608
Topology........................................................................................................ 608
Administrator access..................................................................................... 609
User access................................................................................................... 611
Signatures & patches..................................................................................... 612
Buffer hardening ............................................................................................ 612
Enforcing valid, applicable HTTP................................................................... 614
Sanitizing HTML application inputs............................................................... 614
Improving performance ....................................................................................... 614
System performance...................................................................................... 614
Antivirus performance.................................................................................... 615
Regular expression performance tips............................................................ 615
Logging performance..................................................................................... 617
Report performance....................................................................................... 618
Auto-learning performance............................................................................ 619
Vulnerability scan performance ..................................................................... 623
Packet capture performance......................................................................... 623
Improving fault tolerance..................................................................................... 623
Alerting the SNMP manager when HA switches the primary appliance........ 624
Reducing false positives...................................................................................... 624
Regular backups.................................................................................................. 628
Downloading logs in RAM before shutdown or reboot ....................................... 629
Troubleshooting ........................................................................................... 630Tools.................................................................................................................... 630
Ping & traceroute........................................................................................... 630
Log messages................................................................................................ 631
Diff.................................................................................................................. 632
Packet capture............................................................................................... 633
Diagnostic commands in the CLI................................................................... 638
How to troubleshoot............................................................................................ 638
Establishing a system baseline...................................................................... 638
Determining the source of the problem......................................................... 639
Planning & access privileges ......................................................................... 640