Fortinet’s latest release, the FortiGate 50G, introduces groundbreaking features that enhance network security and ease of management. One of the standout features of this new model is the BIOS-level signature and file integrity checking, coupled with a novel LED indicator system and a physical switch for configuring security levels. This combination provides administrators with robust protection against unauthorized and potentially harmful software.

Enhanced BIOS-Level Security

The FortiGate 50G includes an enhanced BIOS-level signature and file integrity checking system. This security measure ensures that all FortiOS GA firmware images, AV engine files, and IPS engine files are authenticated before being utilized by the device. The integrity check process includes:

  1. Dual Signatures: Every firmware and engine file must be dual-signed by both the Fortinet Certificate Authority (CA) and a third-party CA. This dual-signature requirement enhances the trustworthiness of the files and mitigates the risk of tampering.
  2. Hash Verification: The BIOS verifies that each file matches its secure hash as indicated by the certificates. If there is a discrepancy, users are warned, and the system may prevent booting based on the severity and the BIOS security level configured.

BIOS Security Levels

The FortiGate 50G utilizes a three-tier BIOS security level system, controlled via a physical switch on the device.

[Image: FortiGate 50G back. Signed Firmware switch protected by a screw.]

This system determines the action taken during the signature and integrity checking process and provides flexibility while ensuring the highest levels of protection. The security levels and their behaviors are as follows:

  1. Level 2 (Green): This is the default and most secure setting.
    • Requirement: FortiOS requires all file signatures to match their secure checksums as indicated on both Fortinet and third-party CA signed certificates.
    • Behavior:
      • If a file has a Fortinet CA signed certificate but no third-party signed certificates, FortiOS can still run but displays a warning in the GUI and CLI.
      • If a file has no valid certificate signed by the Fortinet CA, FortiOS is not allowed to run.
  2. Level 1 (Amber): This setting offers a balance between security and flexibility.
    • Requirement: FortiOS requires all file signatures to match their secure checksums as indicated on the Fortinet CA signed certificate.
    • Behavior:
      • If a file has no valid certificate signed by the Fortinet CA, FortiOS can still run but displays a warning in the GUI and CLI.
  3. Level 0 (Red): This setting is not recommended due to its minimal security checks.
    • Requirement: FortiOS does not perform code verification.
    • Behavior: All files are accepted without verification, posing a potential security risk.

Use Cases and Outcomes

The outcome of the signature and integrity check varies based on the configured BIOS security level and the certificate authority that signed the file. Here is a summary of the outcomes:

Use Case                         | Certificate Signed by         | Level 2 (Green) | Level 1 (Amber) | Level 0 (Red)
GA-Certified                     | Fortinet CA & Third-party CA  | Accept          | Accept          | Accept
Non-GA Certified                 | Fortinet CA                   | Warning         | Accept          | Accept
Interim and Dev Builds, Unknown  | None                          | Reject          | Warning         | Accept

For instance, when upgrading firmware:

  • Level 2: Dual-signed firmware is accepted, unsigned firmware is rejected.
  • Level 1: Dual-signed firmware is accepted, unsigned firmware triggers warnings but is still installed.
  • Level 0: All firmware is accepted without verification.
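The following is an added example, not Fortinet's code and not a description of the FortiGate 50G's actual implementation: it models the check described above (recompute the file hash, verify each CA's signature over it, then apply the three-tier policy) so the outcome table can be exercised end to end. Ed25519 key pairs generated locally stand in for the Fortinet CA and the third-party CA certificates; the `Attestation`, `Signer` and `Evaluate` names, the image bytes and the level numbering passed as an integer are all assumptions of this example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Outcome is the BIOS decision for one file at a given security level.
type Outcome string

const (
	Accept  Outcome = "Accept"
	Warning Outcome = "Warning"
	Reject  Outcome = "Reject"
)

// Attestation stands in for a CA-signed certificate: the issuer's public key
// plus a signature over the SHA-256 digest of the file. Hypothetical layout,
// not Fortinet's certificate format.
type Attestation struct {
	Issuer    string
	PublicKey ed25519.PublicKey
	Signature []byte
}

// Signer is a constructed stand-in for a CA. The key pair is generated here;
// it is not Fortinet's or any third party's real key.
type Signer struct {
	Name string
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

// NewSigner generates a fresh key pair for a named stand-in CA.
func NewSigner(name string) Signer {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return Signer{Name: name, Pub: pub, priv: priv}
}

// Attest signs the digest of image, as a CA would when certifying a release.
func (s Signer) Attest(image []byte) Attestation {
	digest := sha256.Sum256(image)
	return Attestation{Issuer: s.Name, PublicKey: s.Pub, Signature: ed25519.Sign(s.priv, digest[:])}
}

// Verify recomputes the digest of the file actually present and checks the
// signature over it, so a modified image fails even with a genuine attestation.
func (a Attestation) Verify(image []byte) bool {
	digest := sha256.Sum256(image)
	return ed25519.Verify(a.PublicKey, digest[:], a.Signature)
}

// Evaluate applies the three-tier policy. fortinetKey and thirdPartyKey are the
// two roots the BIOS trusts; an attestation from any other key, or one whose
// signature does not verify over this image, counts as absent.
func Evaluate(level int, image []byte, atts []Attestation, fortinetKey, thirdPartyKey ed25519.PublicKey) Outcome {
	if level == 0 {
		return Accept // Level 0 (Red): no code verification at all
	}
	fortinetOK, thirdPartyOK := false, false
	for _, a := range atts {
		if !a.Verify(image) {
			continue
		}
		switch {
		case bytes.Equal(a.PublicKey, fortinetKey):
			fortinetOK = true
		case bytes.Equal(a.PublicKey, thirdPartyKey):
			thirdPartyOK = true
		}
	}
	switch {
	case !fortinetOK && level == 2:
		return Reject // Level 2: no valid Fortinet CA signature, not allowed to run
	case !fortinetOK:
		return Warning // Level 1: runs, but warns in GUI and CLI
	case !thirdPartyOK && level == 2:
		return Warning // Level 2: Fortinet-only signature, runs with a warning
	}
	return Accept
}

func main() {
	fortinet := NewSigner("Fortinet CA")
	thirdParty := NewSigner("Third-party CA")
	image := []byte("constructed FortiOS image bytes") // constructed sample, not real firmware

	cases := []struct {
		name string
		atts []Attestation
	}{
		{"GA-Certified (dual-signed)", []Attestation{fortinet.Attest(image), thirdParty.Attest(image)}},
		{"Non-GA Certified (Fortinet only)", []Attestation{fortinet.Attest(image)}},
		{"Interim/Dev/Unknown (unsigned)", nil},
	}
	for _, c := range cases {
		for level := 2; level >= 0; level-- {
			fmt.Printf("%-34s level %d: %s\n", c.name, level, Evaluate(level, image, c.atts, fortinet.Pub, thirdParty.Pub))
		}
	}
}
```

Two details carry the security point. The signature is checked over a digest recomputed from the bytes actually on the device, so a tampered image is treated as unsigned regardless of how many valid-looking attestations accompany it. And only signatures from the two pinned roots count, so an attestation from an unknown key cannot upgrade a file from "Unknown" to "Non-GA Certified".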

Practical Application

The BIOS-level signature and file integrity checking system in the FortiGate 50G ensures that only authenticated and verified files are used, significantly reducing the risk of malware and unauthorized access. Administrators can easily configure the BIOS security level using the physical switch, and the LED indicators provide a clear and immediate visual status of the system’s security level.

By implementing these advanced security measures, Fortinet continues to lead in network security, offering robust protection and peace of mind for organizations of all sizes. The FortiGate 50G’s focus on secure firmware integrity ensures that your network remains safeguarded against emerging threats.