config system global
    set admin-telnet disable
end

V7 – Set Memory HA Failover – New Features | FortiGate / FortiOS 7.0.0 | Fortinet Documentation Library

Add Interface Bandwidth of Wan port to Dashboard

Enable device detection on LAN interfaces

Proxy based always

Link Monitors for HA Links 

Remove Hardware Switch

DOS Policies

Enable Full Logging on every Policu

System->Settings -> Enable SNMP for Monitoring

If there is an IPSec tunnel, there should be a higher distance blackhole route for all remote prefixes. Check with TSO prior to implementing.
https://community.fortinet.com/t5/FortiGate/Technical-Note-Use-of-Black-hole-route-in-site-to-site-IPsec-VPN/ta-p/192526

Activate License and Forticloud

Webfilter

Peer-to-peer File Sharing in Bandwidth Consuming Block

Adult Mature – Monitor Abortion \ Gambling and Alchol 

Feature List