How It Works

From raw configuration to clear security insight

ConfigSentry turns FortiGate configurations into structured findings that reflect operational risk, affected FortiGate areas, and report-ready evidence.

Workflow

A simple product workflow from input to report

01

Upload or collector retrieval

Start with a manual export or a read-only collector path.

02

FortiGate parser and model

Policies, objects, services, interfaces, VDOMs, and relationships are mapped.

03

Audit rules and templates

Checks run against the structured model using the selected template.

04

Findings

Severity-ranked results highlight risk, context, and likely remediation.

05

Review findings and reports

Engineer and executive reports support follow-up and history.

Context

Why the evaluation needs configuration context

Policy example

One rule can hide multiple review points

  • Source scope and destination intent need to be reviewed together
  • Service definitions can widen exposure beyond the rule label
  • Logging state changes how defensible the policy is during audit review

Finding logic

The result is more than a text match

ConfigSentry evaluates the policy together with the linked address group, service scope, and logging state.

That means the finding reflects broad exposure, weak auditability, and the affected FortiGate area rather than only showing that a rule exists.
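The difference between a text match and a model-based check, as an added example (not ConfigSentry's code): a minimal parser maps a constructed FortiGate fragment into tables, then an audit follows the policy's source address through its address group and also checks service scope and logging state. The object names, policy id, and function names are assumptions made for illustration, and the parser handles only flat `config`/`edit`/`set` tables.

```python
import shlex
# Constructed sample config (not from a real device).
SAMPLE = '''config firewall address
edit "legacy-any"
set subnet 0.0.0.0 0.0.0.0
next
end
config firewall addrgrp
edit "partners"
set member "legacy-any"
next
end
config firewall policy
edit 7
set srcaddr "partners"
set action accept
set service "ALL"
set logtraffic disable
next
end'''

def parse(text):
    """Map 'config <path>' -> {entry name: {setting: [values]}}."""
    model, table, entry = {}, None, None
    for tok in filter(None, (shlex.split(l) for l in text.splitlines())):
        if tok[0] == "config":
            table = model.setdefault(" ".join(tok[1:]), {})
        elif tok[0] == "edit":
            entry = table.setdefault(tok[1], {})
        elif tok[0] == "set":
            entry[tok[1]] = tok[2:]  # 'next' and 'end' carry no data
    return model

def audit(model):
    """Return (policy id, reasons) for accept rules, resolving linked objects."""
    addrs, groups = model.get("firewall address", {}), model.get("firewall addrgrp", {})
    def is_any(name):  # follow group members down to address subnets
        if name in groups:
            return any(is_any(m) for m in groups[name].get("member", []))
        return name == "all" or addrs.get(name, {}).get("subnet") == ["0.0.0.0", "0.0.0.0"]
    findings = []
    for pid, p in model.get("firewall policy", {}).items():
        checks = {"source resolves to any": any(is_any(a) for a in p.get("srcaddr", [])),
                  "service is ALL": "ALL" in p.get("service", []),
                  "logging disabled": p.get("logtraffic") == ["disable"]}
        reasons = [r for r, hit in checks.items() if hit]
        if p.get("action") == ["accept"] and reasons:
            findings.append((pid, reasons))
    return findings
```

A plain search for `"all"` in the policy block would miss this rule, because the broad scope only appears once `partners` is resolved to the `legacy-any` address object.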

Methodology

How the output stays reviewable

Structured parsing first

The configuration is modelled before analysis so checks use meaningful relationships, not only raw text matches.

Deterministic audit logic

Checks run consistently across policy, objects, services, admin settings, and posture signals.

Standards mapping as guidance

Mappings support control discussion and evidence gathering, but they are not a compliance guarantee by themselves.

Outputs

What the workflow produces

Engineer report

Detailed findings, affected sections, and remediation-oriented context.

Executive report

A clearer posture and priority summary for leadership and governance review.

Repeatable audit history

A consistent basis for reruns, comparison, and evidence-led follow-up.

Next step

See the report formats or start with a real configuration

The clearest way to judge the workflow is to review the sample outputs or run your own FortiGate audit.