Industry Trends

Driving Cybersecurity Awareness and Training Through the Fortinet NSE Certification Program

By Rob Rashotte | September 03, 2021

Cybersecurity awareness and training remains one of the biggest security hurdles facing organizations today as threats continue to grow more sophisticated and commonplace. In fact, according to the latest FortiGuard Labs Global Threat Landscape Report, the number of ransomware attacks in December 2020 was seven times the number reported in July 2020. This increase in attacks combined with the cybersecurity skills gap creates a perfect storm for cyber criminals. The good news is that many organizations understand and see this need based on a recent ransomware global survey from Fortinet.

To quell this storm, organizations should look for ways to promote cyber awareness in their organizations, starting with cybersecurity training offerings. Fortinet’s NSE Training Institute and Training Advancement Agenda (TAA) help educate individuals to improve their career opportunities and help close the cybersecurity skills gap by developing career pathways for security professionals, students, veterans, military spouses and more through the Security Academy ProgramCertification Program and Veterans ProgramThe Network Security Expert (NSE) Certification Program, for example, is an eight-level training and certification program designed to enhance skillsets across a wide array of issues. Driving cybersecurity awareness through the Fortinet NSE Certification Program enables companies to ensure that all employees – from the non-technical to the IT administrative level – have the skills they need to keep enterprise networks secure.

How to Drive Cybersecurity Training

Awareness Training

Level 1: Information Security Awareness

The NSE 1 level offers training for anyone of any background who wants to learn about the cybersecurity threat landscape. It includes thirty-three self-paced activities that address real-life cyber threats. This course provides the foundation for the rest of the modules, including basic terms and concepts. 

Level 2: The Evolution of Cybersecurity

Also designed to promote general cybersecurity awareness, NSE 2 builds on the previous lesson. Consisting of thirteen self-paced activities, NSE 2 delves into the types of security solutions that vendors have developed to address the cybercrime problems organizations and individuals face. Additionally, this course acts as the foundation for learning how the Fortinet Security Fabric elements work together for a broad, integrated, automated approach to mitigating continuously evolving risk. 

Level 3: Fortinet Core Products

Fortinet designed NSE 3, to provide participants with a basic, contextual understanding of the products. It focuses on key features and maps them to specific network security problems. 

Technical Training

Level 4: Network Security Professional

NSE 4 offers a more technical approach, making it appropriate for network and security professionals who configure, monitor, and operate FortiGate devices on a day-to-day basis. To be certified at this level, users must complete both the FortiGate Security and FortiGate Infrastructure course exams. Each two-day interactive course includes training and lab hours. 

  • FortiGate Security: This course includes hands-on activities around firewall policies, the Security Fabric, user authentication, and SSL VPN. Additional administrative fundamentals include using security profiles such as IPS, antivirus, web filtering, and application control. 
  • FortiGate Infrastructure: This course offers activities centered on advanced topics around FortiGate networking and security. These often include features applied in complex or larger enterprise or MSSP networks, such as advanced routing, transparent mode, redundant infrastructure, site-to-site IPsec VPN, single sign-on (SSO), web proxy, and diagnostics. 

Level 5: Network Security Analyst

NSE 5 is intended for network and security professionals who require the expertise to centrally manage, analyze, and report on Fortinet security devices. To pass this level, participants must successfully pass exams for at least two of the following five courses.

  • FortiEDR: In this course, which features twenty-four self-paced activities, attendees learn how to protect endpoints by leveraging real-time orchestrated incident response. 
  • FortiManager: This course is compiled of seventeen self-paced exercises focused on the fundamentals of centralizing network administration. Further, hands-on labs incorporate deployment strategies such as single or multiple ADOMs, device registration, policy packages, shared objects, installing configuration changes, provisioning FortiManager as a local FortiGuard distribution server, and troubleshooting.
  • FortiAnalyzer: This one-day class, which features twenty self-paced activities, provides training and hands-on lab hours focused on the fundamentals for centralized logging and reporting. Participants learn how to configure and deploy FortiAnalyzerwhile also identifying threats and attack patterns through logging, analysis, and reporting. The lab activities explore administration and management, registering devices for log collection, central log collection, forensic log analysis based on simulated network attacks, report creation, and common misconfiguration issues.
  •  FortiClient EMS: In this course, attendees learn how to use and provision FortiClient with FortiClient EMS. Incorporating twelve self-paced activities, the course also includes an interactive lab component centered on administration fundamentals like installation, database management, operation modes, deployment, implementation, and management for endpoint security.
  •  FortiSIEM: This three-day course focuses on using and integrating FortiSIEM into network awareness. It discusses initial configurations, architecture, device discovery, collecting performance information, aggregating with Syslog data, and using the configuration database. 

Level 6: Network Security Specialist

Another technical certification for network and security professionals, NSE 6 delves into the Security Fabric product line. Certification requires successfully passing four of the seven available course exams. 

  • FortiADC: This one-day interactive course covers the configuration and administration of FortiADC with fourteen self-paced activities. The lab portion provides hands-on experience with administrative fundamentals, including Layer 4 and Layer 7 server load balancing, link load balancing, global load balancing, high availability (HA), firewall policies, and advanced routing. 
  • FortiAuthenticator: During this course, attendees learn how FortiAuthenticator can help them manage secure authentication and identity management. As part of learning how to configure and deploy the solution, attendees also learn how to use FortiAuthenticator for certificate management, two-factor authentication (2FA), LDAP and RADIUS server user authentication, and SAML Single-Sign-On (SSO). The labs provide experience around how FortiAuthenticator can extend Fortinet SSO and shows how the solution can act as a certificate authority (CA) and logon event collector. Additionally, it covers portal services, FortiTokens, and digital certificates.
  •  FortiMail: This course offers strategies for protecting networks from email threats and integrating with FortiSandbox. The labs explore FortiMail’s role in extending FortiGate email filtering capabilities for enhanced security. It also addresses the email security challenges that small business email administrators and carriers face when deploying, managing, and troubleshooting FortiMail. 
  • FortiWeb: This NSE 6 course focuses on deploying, configuring, and troubleshooting Fortinet web application firewalls (WAFs). It covers key web application security concepts and includes labs featuring traffic and attack simulations using real web applications. Participants will then work with these simulations to gain experience around distributing load from virtual servers to real servers while enforcing logical parameters, inspecting flow, and securing HTTP session cookies. 
  • FortiNAC: In this course, attendees learn best practices for using FortiNAC. Additionally, the lab portion provides hands-on experience with fundamental administrative tasks that implement network visibility and security automation for better control.
  • FortiVoice: With twenty-five self-paced activities, this course centers on FortiVoice configurations for phones, exploring how to set up profiles, extensions, trunk configurations, and call features. 
  • Integrated and Cloud Wireless: With eleven self-paced activities, this course focuses on deploying, configuring, and troubleshooting secure wireless LAN using an integrated wireless solution. Attendees learn RF concepts and best practices for wireless LAN, device configuration, security setting, and troubleshooting. The interactive labs reinforce skills around deploying and centrally managing a wireless LAN. 

Advanced Training

Level 7: Network Security Architect

Network and security professionals involved in designing, architecting, administrating, and supporting security infrastructures are encouraged to achieve NSE 7 certification in one or more of the following six technology areas.

  • OT Security: The thirteen self-paced activities in this course provide information about securing an Operational Technology (OT) infrastructure by designing, deploying, administrating, and monitoring FortiGate, FortiNAC, FortiAnalyzer, and FortiSIEM. 
  • Advanced Analytics: This course focuses on how to optimize FortiSIEM deployments. It includes adding various organizations, discovering devices, differentiating logs and events from multiple organizations, and setting appropriate rules. Additionally, it takes a deep dive into different clear conditions, baseline calculating, and remediation methods. Attendees get hands-on experience with configuring a cluster, adding organizations to FortiSIEM, managing scope, registering collectors, registered Linux and Windows agents, and analyzing events triggered from built-in rules.
  •  Advanced Threat Protection: This NSE 7 course focuses on protecting organizations and improving security against advanced threats. It includes using FortiSandbox for threat detection and understanding local threat intelligence. It also provides information on how to leverage the suite of services to create end-to-end threat protection. 
  • Public Cloud Security: This course covers different public cloud provider infrastructures, including security challenges like high availability (HA), auto-scaling, software-defined network (SDN) connectors, and managing cloud traffic.
  •  Enterprise Firewall: This course, which includes training and hands-on labs, focuses on implementing, troubleshooting, and centrally managing enterprise security infrastructure using multiple FortiGate devices. 
  • SD-WAN: Covering common SD-WAN deployment scenarios, this course looks at different situations, including single enterprise and multiple data center environments to enhance and troubleshoot deployments.
  •  Secure Access: Bringing together FortiGate, FortiAPFortiSwitch, and FortiAuthenticator capabilities, this course educates attendees around securing wired and wireless networks. It covers how to provision, administer, and monitor FortiAP and FortiSwitch using FortiManager. It also explores the deployment, integration, and troubleshooting of Fortinet solutions to enhance network security, as well as how to quarantine risky and compromised devices automatically. 

Expert Training

Level 8: Network Security Expert

A culmination of all the other certifications, NSE 8 is intended for networking and security experts. The technical certification includes a proctored written exam and a practical exam. A two-day immersion self-paced lab session can be taken to prepare for the practical exam after an individual passes the written portion. 

Building Cybersecurity Awareness 

Awareness is the foundation upon which organizations build a robust cybersecurity program. Although many organizations focus on the daily end-user cyber awareness training, they should also consider the value of training their security and network professionals. To maximize investments and enhance cybersecurity, cyber awareness training should ensure that technical security professionals gain the knowledge required to optimize solution deployments for enhanced security. By taking steps to prioritize cybersecurity awareness training, like what is offered through the Fortinet NSE Certification Program and TAA, organizations and individuals alike can get ahead of threats before they can make an impact.

Find out more about how Fortinet’s Training Advancement Agenda (TAA) and NSE Training Institute programs, including the Certification ProgramSecurity Academy Program and Veterans Program, are helping to solve the cyber skills gap and prepare the cybersecurity workforce of tomorrow.