Sophos & Fortinet Firewall Assistance

@AhmedMFakkar

Hello Dear, I am a FortiGate and Sophos expert and I have also Cisco CCNP certificate. I have great experience in various network technologies such as VLAN, STP, OSPF, EIGRP, BGP, MPLS, OpenVPN, IPsec, L2TP, PPTP, SSL, etc. Also, I have great hands-on experience in, - Cisco Routers ASR 9k&1k, ISR 4K, 2900, 2800, 878, 888, Switches Nexus 9K, Cat 6500, 3850, 2900 and ASA 5505, 5506x, 5508. - Juniper Routers (M7, M10, MX 480, MX 960) and SRX (300, 500). - Palo Alto 220, 550, 850 and 3200 and Fortigate 40F, 60F, 100E, 200E and 800E Firewalls. - Huawei routers NE-40, NE5000E and Switches Quidway S2700 and S5300. - HP Switches procurve 3500 and procurve 5900. - Mikrotik CCR1036, CCR1009, CCR1700, CCR2204 and RB2011. We can discuss it further, let me know if you are interested. Regards, Ahmed Fakkar

@ExpertNetworkEng

Hello, I’m a Senior Network & Security Engineer with 10+ years of hands-on experience designing, implementing, and migrating enterprise and service-provider networks. I specialize in Network Security, SD-WAN, routing & switching, enterprise wireless, and secure network architecture, helping companies modernize legacy networks, improve reliability, and reduce WAN costs. Core expertise: - Firewalls & Security: FortiGate, Palo Alto, Cisco ASA / Firepower IPsec & SSL VPN, site-to-site, remote access, policy design - Routing & Switching: Cisco ASR/ISR, Catalyst, Nexus, Juniper Routers (M10, MX 960) and SRX 500 (BGP, OSPF, EIGRP, IS-IS, MPLS, VLANs, STP, HSRP/VRRP) Enterprise LAN & campus design - LAN Switching (Multi-Vendor): Cisco, Juniper, Meraki, HP, Aruba, FortiSwitch Access/core design, redundancy, QoS, segmentation - Enterprise Wireless: Cisco WLC & APs, Cisco Meraki Wi-Fi, Ubiquiti, Aruba Wi-Fi, FortiAP Coverage design, roaming, security, troubleshooting - SD-WAN: Fortinet SD-WAN, Cisco SD-WAN (Viptela), Cisco Meraki (hub-and-spoke, MPLS + Internet, segmentation, HA, traffic steering) - Cloud & Hybrid Networking: AWS / Azure / GCP Site-to-site VPN, routing integration - Network Automation: Python Certifications: CCIE Enterprise Cisco Certified Specialist – Enterprise SD-WAN Implementation CCNP Data Center CCNP Security Juniper JNCIA-Junos, JNCIA-Cloud If you share your current setup and goal, I can propose a clear and practical solution. Best regards,

@mnomanrajput

With my extensive expertise in network and server administration, as well as a diverse range of experiences with various firewall systems including Sophos, Fortinet, Cisco, Palo Alto and Sonicwall, I am confident in and well-suited for your project. My certifications in Cisco CCNA & CCNP (Routing & Switching), CCNP Security , and CCNP Data Center, combined with my deep understanding of firewalls like Palo Alto, Sophos and Fortinet will ensure a comprehensive examination of your current network architecture. Apart from being well-versed in VPN troubleshooting such as the intermittent drops you mentioned and firewall configuration in line with best-practice guidelines, I have a notable ability to design and implement medium and large-scale enterprise networks. Building on this experience, I will create a documented policy package that deals with the segregation of internal zones while maintaining security of external exposure for easy restoration if needed. Lastly, I have always upheld thorough change-control etiquette and believe in continuous communication with my clients throughout the project period. Working remotely through HTTPS/SSH wouldn't pose any problem for me and rest assured that your network edge incorporating the Sophos XG appliance and Fortinet FortiGate will be handled adeptly. Trusting me with this project ensures certified proficiency, vast experience and efficient firewall management. Don’t hesitate to reach out to me.

@Dsayyed04

I will perform a full configuration audit and remediation of your Sophos XG and FortiGate firewalls, with the goal of eliminating legacy cruft, resolving performance and VPN instability, and delivering a clean, least-privilege, well-documented rulebase that is maintainable long-term. This engagement is structured to minimize operational risk while addressing both security posture and real-world traffic behavior observed in production.

@muusmani22

Legacy rules and quick fixes required to cater ad-hoc needs. Rules and Configuration should be standardized and Simplified. Need to follow the SD-WAN feature and design policies accordingly. IPSEC VPN also comes in it with unified policy for all sites.

@sitaram5144

Hello, I’m an experienced Firewall & Network Security Engineer with 12+ years of hands-on experience working with Sophos XG/SFOS and FortiGate (FortiOS) in live production environments. I can back up and audit your current configurations, clean up legacy and redundant rules, fix VPN and traffic drop issues, and rebuild a clear, least-privilege security policy aligned with best practices. You’ll receive original backups, updated running configs, and a concise handover document detailing all changes. I follow strict change-control and will keep you informed throughout remote access via HTTPS/SSH. Best regards, Sitaram Banskota

@mhmdalhrwb58

It is worth mentioning that my academic and practical background in Cybersecurity, combined with my hands-on experience in Systems and Networking, has enabled me to continuously expand my technical expertise. This passion for growth drives me to contribute effectively within professional teams, ensuring the delivery of secure and efficient IT solutions while progressing toward my career goals.

@alwaystalib

​I am a seasoned network security engineer specializing in SFOS (Sophos) and FortiOS (Fortinet) environments. I will transform your "quick-fix" configurations into a hardened, high-performance architecture based on Zero Trust / Least-Privilege principles. ​My Approach: ​Audit & Cleanup: I’ll perform a deep-dive analysis to consolidate redundant rules, optimize NAT, and align IPS signatures with best practices. ​Stability: I will resolve your intermittent VPN drops and web traffic issues by fine-tuning MTU settings, tunnel keep-alives, and SD-WAN/failover logic. ​Documentation: You’ll receive a clean rule base, full backups, and a detailed Change Log explaining every adjustment made. ​I follow strict change-control etiquette and provide real-time updates via your preferred channel. Let’s secure and stabilize your edge

@ta014

I’m a firewall and network security engineer with hands-on experience in Sophos XG (SFOS) and FortiGate (FortiOS) environments. I can help you clean up legacy configurations, improve performance, and implement a structured, least-privilege rule base without disrupting production. I will begin by taking full configuration backups of both appliances and reviewing interfaces, zones, NAT, VPN, IPS, and logging settings against vendor best practices. Redundant, shadowed, and overly permissive rules will be removed or refined, and policies will be reorganized for clarity, efficiency, and security. For troubleshooting, I’ll analyze logs and session tables to identify root causes of VPN drops and outbound traffic interruptions. Validation will include live traffic testing, tunnel health checks, and performance monitoring to confirm stability. Finally, I will design a clearly segmented security policy that enforces proper internal zone separation and controlled external exposure. Deliverables will include updated configs, original backups, and a concise change document explaining every modification and its justification, following strict change-control procedures throughout.

@Narayanaraob

With a deep understanding of Cisco networking, Windows and Red Hat Linux systems, I pride myself on being able to proficiently work with diverse infrastructures. My vast skill set which includes network administration and engineering, network security, DNS management, firewall and VPN configuration, and continuous network monitoring makes me best suited for your Sophos & Fortinet Firewall Assistance project. Throughout my career I have placed a strong emphasis on network security, making sure that systems are always up-to-date and aligned with the latest standards in cybersecurity. I believe strongly in the mantra "secure by design" and this can be seen in my approach to firewall configuration. I always adhere strictly to best practices, ensuring your Sophos XG appliance and Fortinet FortiGate unit are designed with a clean, least-privilege rule base. Additionally, I will bring a proactive approach to this project by troubleshooting not only what's clearly problematic but also identifying those hidden issues that could pose potential threats to your system's performance and security. My end goal is to provide you with updated configurations, backup files as well as a detailed documentation explaining each change made. Rest assured, while working remotely I will strictly follow change-control etiquette and provide transparency by keeping you informed throughout the process.

@Rifqirachman01

Hello, I can help you clean, stabilize, and harden your Sophos XG and FortiGate firewall environments with a structured and change-controlled approach. I have hands-on experience working with both Sophos SFOS and FortiOS in production networks where legacy rules and quick fixes gradually reduce performance and security clarity. My focus is to simplify the rule base while improving stability and control. For this project, I will: • Take full configuration backups before any changes • Review and optimize firewall rules using a least-privilege model • Clean up redundant NAT, policy, and zone mappings • Analyze VPN instability through log inspection and live traffic testing • Resolve intermittent drops affecting site-to-site VPN and outbound traffic • Align IPS, logging, and interface configurations with best practices The result will be a clean, documented firewall policy structure that is easier to maintain, secure by design, and performance-aware. You will receive original backups, updated configurations, and a concise change log explaining each modification and its reasoning. All work will follow proper change-control etiquette with continuous updates during implementation. If you’re ready to bring order and stability back to your firewall stack, I’m ready to start. Best regards, Rifqi

@helpscoding

Hello, I am a Cybersecurity Engineer currently working as a SOC Analyst, with hands-on experience managing and hardening enterprise firewall solutions including FortiGate and Sophos XG. In production environments, I have configured and optimized security policies, NAT, IPS, VPN (site-to-site IPsec), logging, and network segmentation following best-practice and least-privilege principles. For your project, I will perform a complete configuration audit of both appliances, securely back up the existing setups, clean and restructure the rule base to eliminate legacy and redundant entries, and align all interfaces, NAT, VPN, IPS, and logging settings with industry standards. I will also troubleshoot the intermittent VPN and outbound traffic issues through log analysis and live validation testing. You will receive the updated configurations, original backups, and a clear change log document explaining every modification and the reasoning behind it. I am comfortable working via HTTPS/SSH in production environments and strictly follow change-control procedures to ensure stability and transparency throughout the process.

@akshay050901

Hello, I am a network security engineer experienced with Sophos XG (SFOS) and FortiGate firewalls. I will securely back up your current configurations, audit all interfaces, zones, NAT, VPN, IPS, logging, and firewall policies, and remove legacy or redundant rules to build a clean, least-privilege rule base. I will troubleshoot the intermittent site-to-site VPN and outbound traffic drops through live diagnostics, log analysis, routing and MTU checks, and phase 1/2 validation to identify and resolve root causes. Deliverables include optimized configurations, original backups, validated performance, and a concise handover document detailing all changes and reasoning. All work will follow proper change-control procedures with continuous communication.