Boll Tech Blog
15 FOLLOWERS
Founded in 1988, the IT security distributor BOLL Engineering Ltd is one of the top names in the Swiss security channel business. Follow their Boll tech blog which shares information about UI, UX, AI, technology solutions, Fortinet and many more technlogical topics.
Boll Tech Blog
3d ago
Motivation
As a distributor we offer various security products from different vendors. On the one hand these are FortiGate and PaloAltoNetworks NGFW firewalls to make the perimeter more secure, on the other hand products & services from Kaspersky. Kaspersky offers various threat feeds that can be used in other products. So why not extend FortiGates and PAN NGFW with these feeds from Kaspersky to increase security even more? Here are my first experiences.
Kaspersky Threat Intelligence Portal
Kaspersky provides the threat feeds through various sources like JSON via HTTPS or STIX via TAXII.
A ..read more
Boll Tech Blog
1w ago
Palo Alto Networks discovered a vulnerability (CVE-2024-3400) with a CVSSv4.0 base score of 10 that impacts PAN-OS version 10.2+ with GlobalProtect and telemetry enabled. We strongly recommend all review the advisory for remediation steps.
Are you affected?
This vulnerability does not apply to you if any one of the following apply:
You are running a PAN-OS version < 10.2
You do not have GlobalProtect Gateway enabled
You do not have telemetry enabled
Please check if you are running one of the affected PANOS software versions.
As you can see, we expect a bugfix asap with ETA by 14.4.2 ..read more
Boll Tech Blog
3w ago
Recently, I had the challenge of rolling out an Outlook add-in in an Exchange 2016 environment. In the past, this used to be straightforward task in the Exchange Control Panel (Organization → Add-ins → Add from the Office Store).
While the link to the Microsoft AppSource still works, you’re required to sign-in using an Microsoft 365 account. This would not be a problem, if the process would redirected you back to the on-premise server. However, the portal always tries to activate the add-in for Exchange Online.
As I have not found a solution to this issue, I have come up with the following wor ..read more
Boll Tech Blog
1M ago
We have received several support requests regarding interrupted mailflow between Exchange Online and SeppMail appliances. The mailflow is interrupted since 07.03.2024 at 23:00 CET time.
In the MS365 logs, the following error message is shown:
LED=450 4.4.317 Cannot connect to remote server [Message=UntrustedRoot] [LastAttemptedServerName=securemail.domain.ch] [LastAttemptedIP=12.34.56.78:25] [SmtpSecurity=-1;-1] [MS365EXOHOSTNAME.PROD.OUTLOOK.COM 2024-03-08T11:11:11.111Z MESSAGEID]}
At the moment we assume, that a configuration issue on the SeppMail appliance is responsible for this error. W ..read more
Boll Tech Blog
2M ago
3CX is a very widespread UC solution (phone system or also known as PBX). FortiGate is a very widespread firewall solution. Both of the products are very good in doing their thing. But to work together, a littlebit of configuration work is needed.
Below you can find an example configuration of a FortiGate firewall that is used to allow the communication from and to the 3CX communication system.
Please note, that this solution is only containing the complementary FortiGate configuration. UTM profiles and other security features are not part of this documentation and are needed to be added later ..read more
Boll Tech Blog
2M ago
Im Boll Support treffen in den letzten Wochen vermehrt SeppMail Anfragen ein. Seit Microsoft in MS365 Exchange Online einige Anpassungen im Spamfilter (Defender Funktion) gemacht hat, werden die Mails als Spam quarantänisiert, welche von der SeppMail zu MS365 in paralleler Konfiguration hochgesendet werden.
Um das Problem zu umgehen hat SeppMail ein neues Feature eingeführt: Das ARC sealing. Bei einer parallelen Anbindung des SEPPmail Gateway mit Exchange Online ist die Konfiguration von ARC Sealing unterdessen zwingend notwendig.
Wie wird das ARC sealing konfiguriert?
Aktualisieren Sie Ihre ..read more
Boll Tech Blog
2M ago
From time to time we face performance problems on FortiGate units in our daily support life. Most often the impacts of performance problems on the FortiGate are not typical. Or let’s say “not as an admin that is not familiar with FortiGates would expect”. The expectations vary from high delay on network traffic up to unresponsiveness of the system or even a system crash. But what we experience in reality differs very much from this expectations: We see skipped UTM inspections, slow webadmin access, notification emails about conserve mode and, in very rare cases, even the the blocking of new se ..read more
Boll Tech Blog
2M ago
Maybe you have already noticed (or maybe you have been informed by our Fortinet Firmware Update mailing list) that Fortinet has released of some new FortiOS patches on Feb. 7, 2024. To be more precise – all Fortinet minor and major versions that are running on Fortigate models that are not EOL yet have been updated: 7.4, 7.2, 7.0, 6.4 and even 6.2 which is end-of-support since September 2023.
We know from experience that it is not a good sign when Fortinet is updating all these versions at the same time. Additionally it’s noteworthy that the release notes for 7.2.7 and 7.4.3 do not contain any ..read more
Boll Tech Blog
2M ago
In this post we want to share some of the most seen reasons for slow performance on FortiGate appliances with you. This are experiences we’ve made in our support department and is not a concluding list.
Traffic shapers
Traffic shaping is an evergreen topic. We have already written two blog posts about traffic shaping. The biggest problem on traffic shaping is, that most administrators that configure the shaping, are not aware how the shaper and also the shaped traffic behaves when a shaper is set in place. You can find the blog posts here:
Traffic Shaping auf der Fortigate v5.4
Warteschlang ..read more
Boll Tech Blog
2M ago
Maybe you have read in the “New Features” Guide for 7.4 about this new feature: “Prevent FortiGates with an expired support contract from upgrading to a major or minor firmware release”. Here it is explained that you cannot upgrade your Fortigate to a higher major or minor version (eg. upgrading from 7.4 to 8.0 or 7.6) with an expired support contract, while upgrading to a higher patch build (e.g 7.4.1 to 7.4.2) is still possible.
In principle, this is absolutely legitimate on Fortinets part. The development of the firmware is not free of charge and must be financed.
But the behavior you will ..read more