Below are common questions about how ConfigSentry works, what it audits, and how it helps improve FortiGate firewall security and compliance.

What is ConfigSentry?

ConfigSentry is a FortiGate-specific firewall auditing platform that analyses firewall configurations to identify security risks, misconfigurations, and compliance gaps.

Which FortiGate models are supported?

ConfigSentry supports FortiGate firewalls across physical, virtual, and cloud deployments, provided a valid FortiOS configuration is available.

Does this only audit firewall policies?

No. ConfigSentry audits the entire FortiGate configuration, including administrative access, VPNs, interfaces, objects, logging, and security posture settings.

What compliance standards does it check against?

Audits reference industry best practices and recognised frameworks such as the CIS FortiGate Benchmarks, along with general security hygiene principles.

Is this an official Fortinet product?

No. ConfigSentry is an independent auditing solution developed by Auditity, designed to complement Fortinet products—not replace them.

How does the audit work?

Audits are performed by analysing a FortiGate configuration, either uploaded manually or retrieved automatically. The configuration is evaluated against a large set of deterministic and contextual security checks.

Do you make changes to my firewall?

No. ConfigSentry is a read-only auditing platform. It never pushes configuration changes or executes commands that modify your firewall.

Is direct firewall access required?

Direct access is optional. You can run audits using uploaded configuration files, or enable direct read-only access for continuous monitoring and enhanced analysis.

What are the benefits of continuous monitoring?

Continuous monitoring helps detect configuration changes, security drift, and newly introduced risks over time—rather than relying on infrequent manual reviews.

How often are audits performed in continuous mode?

Audit frequency is configurable. Common setups perform checks at short intervals to detect changes quickly without impacting firewall performance.

How are risks presented?

Findings are categorised by severity and include context, impact, and recommended remediation steps to help teams prioritise fixes.

Can this help with external audits?

Yes. Reports can be used to demonstrate security posture, internal controls, and alignment with best practices during internal or third-party audits.

Does ConfigSentry replace manual firewall reviews?

It significantly reduces manual effort, but is best used alongside experienced security and network professionals for final decision-making.

Is my firewall data secure?

Yes. Firewall configurations are handled securely and used solely for auditing and reporting purposes.

Does it support multi-firewall environments?

Yes. ConfigSentry can audit multiple FortiGate firewalls or clusters, allowing organisations to maintain consistent security standards across environments.

Can I customise audit assumptions?

Yes. Certain non-deterministic checks can take contextual inputs—such as whether regular security reviews or change control processes are in place.

Does this work for cloud-hosted FortiGates?

Yes. Cloud-deployed FortiGate instances can be audited in the same way as on-premises firewalls, provided configuration access is available.

Who is ConfigSentry designed for?

It is designed for network engineers, security teams, consultants, and organisations responsible for securing FortiGate environments.

How quickly can I run my first audit?

New users can run their first audit within minutes after signing up, using either an uploaded configuration or connected firewall.

Where can I learn how to get started?

Visit the Try for Free page to learn how to sign up and run your first free ConfigSentry audit.