Fortinet black logo
Best Practices | Solutions Hub

Operational Technology Security

General Information


  • Fortinet Product Matrix
  • Operational Technology Ordering Guide

FortiOS and FortiGate

Quick Start

  • FortiGate Rugged Series
  • FortiGate VM
  • Quick Start Guide FortiGate Rugged 60F Series
  • Quick Start Guide FortiGate Rugged 70F Series


  • FortiOS Data Sheet
  • FortiOS Upgrade Path Tool
  • FortiOS NAT vs. Transparent Mode
  • Automation stitches
  • Configure no session timeout
  • Manual licensing for FortiGate in air-gap environments
  • Support up to 24 interfaces on FortiGate VM
  • How to configure DNP3 proxy feature
  • PRP on SoC4 models
  • PRP configuration for NPU
  • PRP configuration in NAT mode with virtual wire pair
  • OT View for asset visibility and network topology in Asset Identity Center
  • Detecting IEC 61850 MMS protocol in IPS
  • Matching multiple parameters in application control signatures
  • IPS signatures for FortiGuard Industrial Security Service
  • IPS signature filter option
  • Enhanced FortiSwitch topology view
  • Learn mode for security policies in NGFW mode
  • Switch controller - quarantine by redirect
  • Integrated network segmentation
  • MAC address based firewall policies
  • Configuring the Purdue Level for discovered assets based on detected interface
  • Combine the Device Inventory widget and Asset Identity Center page
  • Active SIM card switching available on FortiGates with cellular modem and dual SIM card support
  • Improve the performance of the GUI policy list
  • Prevent FortiGates with an expired support contract from upgrading to a major or minor firmware release
  • Enhance BIOS-level signature and file integrity checking
  • MAC address threat feed

FortiSwitch, FortiAP and FortiExtender


  • FortiSwitch Rugged Data Sheet
  • FortiSwitch Quick Start Guides
  • FortiSwitchOS feature matrix
  • FortiLink compatibility matrix
  • FortiSwitch compatible transceivers
  • FortiSwitch devices managed by FortiOS
  • MRP configuration
  • Supported network topologies


  • FortiAP Data Sheet
  • FortiAP Quick Start Guides
  • FortiAP and FortiOS compatibility matrix
  • Secure Wireless Concept Guide
  • Campus WLAN Architecture Guide
  • Supported upgrade path
  • Ownerless devices - IoT, MPSK and FortiLink NAC


  • FortiExtender Data Sheet
  • FortiExtender Quick Start Guides
  • FortiExtender hardware compatibility matrix
  • FortiExtender and FortiOS compatibility matrix
  • Set the default SIM - Standalone
  • Set the default SIM - Managed
  • Supported wireless carriers
  • Dual modem configuration
  • Supported network topologies

FortiGuard Security Services

Industrial Security Service

  • Application Control (Protocol) Signatures
  • Intrusion Prevention Signatures

FortiAnalyzer and FortiManager

Quick Start

  • FortiAnalyzer Data Sheet
  • FortiManager Data Sheet
  • FortiAnalyzer compatibility matrix
  • FortiManager compatibility matrix
  • FortiAnalyzer configuration examples
  • FortiManager configuration examples
  • FortiManager operating as an FortiGuard Distribution Server (FDS) in a closed network
  • FortiAnalyzer - OT Purdue Model in a consolidated Asset & Identity Center Dashboard
  • FortiAnalyzer - Support parsing and addition of third-party application logs to the SIEM DB
  • FortiAnalyzer - OT Security Risk Report
  • FortiAnalyzer - Cyber Threats Assessment Report update
  • FortiAnalyzer - Threat Report update
  • FortiAnalyzer - Block out contract device from upgrading to next or major or minor release

FortiSIEM and FortiSOAR


  • FortiSIEM Data Sheet
  • FortiSIEM Collector support with data diodes
  • FortiSIEM offline upgrades
  • FortiSIEM hardening guide
  • FortiSIEM content updates and outbreak alerts
  • FortiSIEM Operational Technology support
  • FortiSIEM mapping of Purdue level from FortiGate


  • FortiSOAR: Optimize OT Security Operations

Solution Briefs, Solution Guides and White Papers

Solution Briefs

  • Protecting OT Infrastructures With Real-time, Automated Endpoint Security
  • Securing Open Platform Communications in OT Environments with FortiGate Next-generation Firewalls
  • Securing OT with Network Microsegmentation
  • Fortinet Provides Zero-day Protection in OT Environments

Solution Guides

  • A Solution Guide to Operational Technology Cybersecurity

White Papers

  • Managing ICS Security with IEC 62443
  • Effective ICS Cybersecurity Using the IEC 62443 Standard
  • Security by Design: A Systems Road Map Approach
  • Effective Implementation of the NIST Cybersecurity Framework with Fortinet
  • How to Use NERC-CIP: An Overview of the Standards and Their Deployment with Fortinet
  • Implementation Guide for Vendors and Integrators Working in NERC-CIP Environments
  • Aligning Your Security Program with the NIS Directive
  • Enabling NIS Directive Compliance with Fortinet for Operational Technology
  • Advanced Threat Protection for Industrial Control Systems and Operational Technology
  • Secure Access for Operational Technology at Scale
  • Network Access Control in ICS/OT Using FortiNAC
  • Securing OT in the Face of IIoT and 5G
  • Next-Generation Cybersecurity for Buildings
  • Cities of the Future: Smart with Secure Infrastructure

Fabric-Ready Partner Integrations

Fabric-Ready Partner Integrations

  • Fabric-Ready Partner Portal
  • Fortinet and Nozomi Networks Comprehensive OT Security Solution
  • Fortinet FortiGate and Nozomi Networks Guardian Deployment Guide
  • FortiSIEM CMDB and Nozomi Networks Guardian Integration
  • Fortinet and Claroty Comprehensive ICS & SCADA Cybersecurity Solution
  • Integrated Technology from Dragos and Fortinet
  • FortiSIEM and the Dragos Platform Deliver Security Visibility
  • Fortinet and Schweitzer Engineering Laboratories Security Solution

Cybersecurity Awareness, Training, and Certification

Cybersecurity Awareness, Training, and Certification

  • Product Demos
  • Security Awareness and Training
  • Fast Track Workshops
  • Education Path OT Security
  • NSE 7 OT Security