Your very welcome lots of videos on the channel and it’s not going to stop! Let me know if there is anything specific you would like!

You’re very welcome, checkout some of the other videos there is like 50 or something now. The FortiManager series in particular is recommended.

Glad it was helpful! Your Welcome!

You’re welcome, more videos soon.

Yes this is correct if your only limiting to DNS meaning all other potential exploits that might be wrapped inside tls/ssl are mitigated only leaving things specific to dns like reflection attacks. I’ll be honest I wanted to expand more on this whole deep packet discussion but the video had already massively overran! I’ll be doing a video at some point specially around deep packet inspection. There are clients out there such as programmable logic controllers in the OT space where you cannot even install a certificate to be able to do it! Thanks for reaching out!

@@FortiBytes I would love to see a video about SSL deep inspection. I notice a lot of companies struggle with it and because of the impact it gives, they are not using it. Causing blind spots. I hope you can do a video that also explains how to deal with apps/websites that don't like SSL deep inspection and also what are like the basic design/implementation routes you take before turning it on and causing a big bang.

​@@sn3aky-t217Thanks for reaching out Its the next video I'm doing! (I promise). Its a complex topic that's super important and I want to ensure I hit the spot with it. The videos I have been releasing this week and the one tonight are leading up to it!

Hey, great question and its something that comes up quite frequency. IF you have the resources to do so then its best practice to apply IPS to outbound policys also. Sometimes malware gets inside your envrioment meaning that the traffic orginates from the inside lets use a TCP based reverse shell for example communicating back to a know C&K server.

Make sure you look into some of the other videos on the channel, specially deep packet inspection as most of the traffic going through your device is encrypted so you need some additional steps to be able see into that traffic.

@@FortiBytes thanks, I had enabled everything but had to back it down due to certificate warnings

Thanks Si

Yes it's much better. Huge improvement. Really enjoy the videos. Maybe for the future you could check if you could place some items that reduce the echo-ing. I think you could fabricate something with curtains/rug/pillows/whatever before you go and purchase all these expensive sound panels.

@@sn3aky-t217 I’m sat in the sound proofed room that’s designed to keep the sound inside! So it’s working against what we need here! I’m going to get some of that foamy stuff and plaster it all over the walls at some point! Thank you for the awesome feedback also!

Hi 👋 ok no problem I’ll try and do more to the point technical stuff in future. Thanks for taking the time to feedback.