Block Attackers with a Fortinet Firewall
I devoted decades to improving network security—from my early years as a network admin in the 1990s, working with mux for voice and data over PSTN, and defending against the Slammer worm as it hit networks overnight. Now, as the owner of my own security company, I’ve helped businesses, banks, and organizations develop ironclad security postures.
I recently helped three banks upgrade their zero-trust architecture. You’d think that financial institutions would have their security sewn up, but hold on. Attackers are constantly searching for new methods of entry—due (in part) to businesses continuing to underestimate one simple reality:
If your firewall rules are set improperly, then you might as well just leave the front door open.
And that is what we are going to fix today with Fortinet firewall.
The Dangers of Unauthorized Server Access
Let’s start with the problem. If an attacker gains unauthorized access to your server, you risk:
- Data theft — Customer information, financial data, intellectual property: poof.
- Ransomware — Attacker locks up your systems and usually demands a whopping amount.
- Lateral movement — They then jump from server to server, causing havoc once inside.
- Regulatory fallout — Fines for non-compliance, lawsuits from customers, tarnished reputation.
Most breaches? They are merely due to bad firewall settings. It’s either open ports that no one closed, insecure access rules, or lazy credential policies (don’t get me started on weak passwords).
But never fear — we’re changing that today.
Firewall Access Control Capabilities
Here’s the reality — firewalls are only as strong as their rules. Fortinet offers an extensive range of features to manage and limit server access:
- Access Control Lists (ACLs) – Specify who logs in and who doesn’t.
- Role-Based Restriction – Restrict access to users by their roles or the departments they belong to.
- Geo-Blocking – Block traffic from certain countries known for threats.
- Application Control & Deep Packet Inspection – Block bad traffic at layer 7 with advanced identification.
- MFA Integration — Mitigate risks of credential-based attacks.
Like you, I’ve also witnessed far too many businesses just slap down their firewall, accept the defaults, and think they’re protected. Not how this works.
Working with User & Device Restrictions
Now let’s set up some proper server lockdown strategies using Fortinet firewalls.
- No Access by Default – Start with a deny policy. Lay down your perimeter and let in only what’s necessary.
- Restrict Administrative Ports – Those SSH, RDP, and management panels?
  - Do not expose them to the internet.
  - Employ jump hosts or a secured VPN instead.
- IP Whitelist – Only allow connections from approved networks. Forget wide-open access.
- MAC Address Filtering – Block unauthorized devices from connecting, even if they manage to snag an internal IP.
- Enforce User-Based Policies – Restricting access to identities (not just IPs) prevents abuse when IPs change dynamically.
- Geo-Restriction Rules — Block access attempts from countries where you don’t do business. This also takes care of a lot of foreign attacks.
- Automated Intrusion Prevention – Enable IPS rules to automatically block repeated failed login attempts. Brute-force attacks do not rest.
Still reading? Good — because this is where it matters.
Fortinet Access Control Solutions by PJ Networks
Here is what we do when configuring Fortinet firewalls for our customers:
1. Perimeter Lockdown
- Shut down unneeded ports — end of story.
- Add Zero Trust Network Access (ZTNA) to harden your server further.
2. Role-Based Server Access
- IT admins have full access; normal users access only what they need.
- Service accounts? Logged and audited harshly — no ifs, ands, or buts.
3. Dynamic Authentication, Logging, and Reporting
- Users logging on from unfamiliar places? They get flagged immediately.
- After that setup, deploy FortiAnalyzer to watch and alert in real time.
4. Continuous Audits & Optimizing Rules
- Threat landscapes evolve. So should your firewall rules.
- We audit configurations on a quarterly basis — set-and-forget security is a recipe for failure.
Real case? One of my corporate clients had an “allow all outbound” rule — that meant if a piece of malware got in, it could exfiltrate everything, a free-for-all. With aggressive egress filtering and application-aware rules, we fixed that in 30 minutes. Now? No data leaks.
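An added example, not from the original post or from Fortinet: a small Python audit that parses a FortiOS-style policy listing and flags the two mistakes described above, an admin port open to any internet source and an allow-all outbound rule. The sample policies, the interface name `wan1` and the address object `branch-office` are constructed assumptions.

```python
import shlex
from collections import defaultdict
# Constructed, trimmed sample in FortiOS "show firewall policy" style (not from a real device).
SAMPLE = '''config firewall policy
    edit 1
        set srcintf "wan1"
        set srcaddr "all"
        set action accept
        set service "HTTPS" "RDP"
    next
    edit 2
        set dstintf "wan1"
        set dstaddr "all"
        set action accept
        set service "ALL"
    next
    edit 3
        set srcintf "wan1"
        set srcaddr "branch-office"
        set action accept
        set service "SSH"
    next
end'''

WAN = {"wan1"}                      # assumption: names of internet-facing interfaces
ADMIN = {"SSH", "RDP", "TELNET"}    # assumption: service objects used for admin access

def parse_policies(text):  # -> {policy_id: {field: set(values)}}
    policies, current = {}, None
    for line in text.splitlines():
        tokens = shlex.split(line)  # handles the quoted, space-separated values
        if tokens[:1] == ["edit"]:
            current = policies.setdefault(int(tokens[1]), defaultdict(set))
        elif tokens[:1] == ["set"] and current is not None:
            current[tokens[1]] = set(tokens[2:])
    return policies

def audit(policies):  # -> [(policy_id, issue)] for rules that break the lockdown
    findings = []
    for pid, p in sorted(policies.items()):
        if "accept" not in p["action"]:
            continue  # only accept rules can expose anything
        if p["srcintf"] & WAN and "all" in p["srcaddr"] and p["service"] & (ADMIN | {"ALL"}):
            findings.append((pid, "admin service reachable from any internet source"))
        if p["dstintf"] & WAN and "all" in p["dstaddr"] and "ALL" in p["service"]:
            findings.append((pid, "allow-all outbound, no egress filtering"))
    return findings

if __name__ == "__main__":
    print(audit(parse_policies(SAMPLE)))
```

Policy 3 passes because its source is a named address object rather than `all`, which is the whitelist approach from the lockdown list.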
Quick Question – Are You Securing Your Servers Right?
Short on time? Your 3-minute security checklist is below:
- ✔ Limit server traffic from the outside in—close everything except the ports you need.
- ✔ Leverage MFA on all administrative accounts.
- ✔ Enforce access whitelists — no more “anywhere” access.
- ✔ Enable intrusion prevention to protect against brute-force attacks.
I mean it. Because security is not a one-time task. It’s a constant battle.
Conclusion
Unauthorized server access is not so much one big mistake — it’s a series of small things that can be ignored.
If (and only if) you set up your firewalls right, attackers can be blocked by devices like Fortinet long before they even knock on your door.
You name it, and at PJ Networks we’ve experienced it. Whether banks, hospitals, or enterprises, we’ve discovered security holes customers weren’t even aware of.
So consider this blog the sign: Harden that firewall today.
Because hackers? They don’t sleep. And their payday is your data.