Fortigate firewalls allow an automatic configuration export via FTP.
Feature Request: Test Fortigate firewall configurations by enabling an import channel for Fortigate firewalls. Provide an FTP server and parse the configuration file against basic firewall tests:
- HTTP-Access on interfaces?
- Telnet on interfaces?
- HTTPS-Access on WAN-interfaces?
- Maintainer access activated?
- Missing 2FA for admin accounts?
- trusted hosts for admin access defined?
- Are there any-to-any rules with services allowed "all"?
- Do rules without logging exist?
- Are old protocols SSLv1/TLS1.0/TLS1.1 allowed?
- Unused address objects?
- Unused service objects?
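
A sketch of how three of the requested checks (HTTP/Telnet on interfaces, any-to-any rules with service "all", rules without logging) could run against an exported file. This is an added example, not part of the original request or any existing project code; it assumes the export uses the FortiOS CLI `config`/`edit`/`set`/`next`/`end` layout, and the names `parse` and `audit` and the sample configuration are constructed for illustration.

```python
import shlex
# Constructed sample in FortiOS CLI backup syntax (not a real device export).
SAMPLE = """config system interface
    edit "wan1"
        set allowaccess ping https http
    next
end
config firewall policy
    edit 1
        set srcaddr "all"
        set dstaddr "all"
        set service "ALL"
        set action accept
        set logtraffic disable
    next
end
"""

def parse(text):
    """Return {path tuple: {key: [values]}} for every config/edit block."""
    table, path = {}, []
    for line in text.splitlines():
        try:
            tok = shlex.split(line) or [""]
        except ValueError:  # multi-line quoted values (certs, banners) are skipped
            continue
        if tok[0] in ("config", "edit"):
            path.append(" ".join(tok[1:]))
            table.setdefault(tuple(path), {})
        elif tok[0] == "set" and len(tok) > 1 and path:
            table[tuple(path)][tok[1]] = tok[2:]
        elif tok[0] in ("next", "end") and path:
            path.pop()
    return table

def audit(text):
    """Run a subset of the checks listed above; return findings as strings."""
    findings = []
    for path, cfg in parse(text).items():
        name = "/".join(path[1:])
        if path[0] == "system interface":
            findings += [f"interface {name}: {p} admin access"
                         for p in ("http", "telnet") if p in cfg.get("allowaccess", [])]
        elif path[0] == "firewall policy":
            wide = all([v.lower() for v in cfg.get(k, [])] == ["all"]
                       for k in ("srcaddr", "dstaddr", "service"))
            if wide and cfg.get("action") == ["accept"]:
                findings.append(f"policy {name}: any-to-any with service ALL")
            if cfg.get("logtraffic") == ["disable"]:
                findings.append(f"policy {name}: logging disabled")
    return findings
```

The remaining checks in the list (admin 2FA, trusted hosts, unused objects) would read further sections from the same parsed table.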