Certification Name: Fortinet NSE 4 โ FortiOS
Latest Version: Typically aligned with FortiOS 7.x
Target Audience: Network and security professionals responsible for FortiGate firewall configuration and management
๐ฏ Certification Objectives
The NSE 4 certification validates your ability to:
- Deploy and configure FortiGate firewall devices
- Implement security policies, NAT, routing, and VPNs
- Detect and prevent threats using UTM (Unified Threat Management)
๐ Course Modules
๐น Module 1: Introduction to FortiGate and FortiOS
- Fortinet Security Fabric overview
- FortiGate features and licensing
- GUI and CLI navigation
- Initial configuration and device registration
๐น Module 2: Firewall Policies
- Policy components: source, destination, services, action
- Implicit and explicit policies
- Policy ordering and evaluation
- Logging and policy monitoring
๐น Module 3: Network Address Translation (NAT)
- Source NAT (SNAT), destination NAT (DNAT)
- Virtual IPs (VIP)
- Central NAT and NAT46/NAT64
- NAT troubleshooting
๐น Module 4: Routing
- Static routing
- Policy-based routing (PBR)
- Route priority and selection
- ECMP (Equal Cost Multi-Path) routing
๐น Module 5: Firewall Authentication
- Local user authentication
- LDAP, RADIUS, and TACACS+ integration
- FSSO (Fortinet Single Sign-On)
- Captive portal configuration
๐น Module 6: SSL VPN
- SSL VPN portal types: tunnel mode and web mode
- Authentication and access control
- Split tunneling
- VPN client configuration (FortiClient)
๐น Module 7: IPsec VPN
- Site-to-Site VPN configuration
- Remote Access VPN setup
- IKEv1 vs. IKEv2
- VPN diagnostics and monitoring
๐น Module 8: Security Profiles (UTM Features)
- Antivirus
- Web filtering
- Application control
- IPS (Intrusion Prevention System)
- DNS filtering
- SSL/SSH inspection
๐น Module 9: Logging and Monitoring
- FortiView dashboards and widgets
- Real-time traffic monitoring
- Event logs and system logs
- Logging to FortiAnalyzer or external servers
๐น Module 10: System Configuration and Maintenance
- Admin profiles and access control
- Backup and restore configuration
- Firmware upgrade procedures
- High Availability (HA) concepts
๐งช NSE 4 Exam Details
- Exam Code: NSE4_FGT-7.x
- Format: Multiple choice + scenario-based questions
- Time: 90 minutes
- Passing Score: ~70% (not publicly disclosed)
๐ Training Path
๐น Recommended Official Courses:
- FortiGate Security (Part 1)
- FortiGate Infrastructure (Part 2)
These can be taken via:
- Instructor-led training (ILT)
- Online self-paced training via Fortinet NSE Institute
๐ Certification Validity
- Valid for 2 years
- Renewal required via latest NSE 4 exam or higher-level certification