No worries, thank you for your input!

4. what logging/debugging would you activate for that case? - Not too familiar with Fortigate yet and would appreciate some tipps, IF you are familiar with those.
5. the IPSec tunnel is the only connection between these locations so it is rather difficult. But I get what you mean and check if there is another option.

Good points!

Not sure on the logging. I’m a data center guy and would rather see firewalls in the trash lol. They usually just cause problems.

Haha - I’d like to disagree, but you are right.

For the WAN, surely there is some way you can reach those sites over the general internet. You have ISP connections.

I for sure could do it, but it is not that easy to expose a server to the internet. There would be multiple departments involved and I need to get permission. And yeah, even with IP whitelisting. I guess that will be my last resort.

Still waiting for the test clients. Probably going to shift some hours into the weekend so I don’t disturb daily business.

Not yet. Just got access to the test clients and I have planned to do a troubleshooting session tomorrow in the morning. Not a big fan of stress testing the network on a working day haha

Thank you Jerry!

I am hosting multiple services, but my application/web security knowledge is lacking. Is there a guide or framework to check for common or risky mistakes? Is there a list of things I should check every application for, or guide on how to harden hosted applications? That is a topic that I am going to tackle in the near future, and would appreciate some tips in advance.

Thank you!

Thank you!

Ping - Update 2 @Avian_Carrier@infosec.pub @jharrison@infosec.pub @SgtKetchup@infosec.pub

I hope it is ok to ping you.

Ping - Update 2

Ping - Update 2 Your numbers are are still missing since I havent had time to look into the pcaps yet. I hope I can get it done by the end of the week, but we are a little bit wiser.