Fortinet 620B manual Configure FortiGuard, Updating antivirus and IPS signatures

Page 31

 

 

 

Configuring

Additional configuration

To change the administrator password

1Go to System > Admin > Administrators.

2Select Change Password and enter a new password.

3Select OK.

Alternatively, you can also add new administrator users by selecting Create New, however, you cannot remove the admin administrator. Applying a password for this account is recommended.

Configure FortiGuard

Configure the FortiGate unit to connect to the FortiGuard Distribution Network (FDN) to update the antivirus, antispam and IPS attack definitions.

The FDN is a world wide network of FortiGuard Distribution Servers (FDS). When the FortiGate unit connects to the FDN, it connects to the nearest FDS. To do this, all FortiGate units are programmed with a list of FDS addresses sorted by nearest time zone according to the time zone configured for the FortiGate unit.

Before you can begin receiving updates, you must register your FortiGate unit from the Fortinet web page. For information about registering your FortiGate unit, see “Register your FortiGate unit” on page 7.

Updating antivirus and IPS signatures

After you have registered your FortiGate unit, you can update antivirus and IPS signatures. The FortiGuard Center enables you to receive push updates, allow push update to a specific IP address, and schedule updates for daily, weekly, or hourly intervals.

To update antivirus definitions and IPS signatures

1Go to System > Maintenance > FortiGuard.

2Select the blue arrow for AntiVirus and IPS Options to expand the options.

3Select Update Now to update the antivirus definitions.

If the connection to the FDN is successful, the web-based manager displays a message similar to the following:

Your update request has been sent. Your database will be updated in a few minutes. Please check your update page for the status of the update.

After a few minutes, if an update is available, the System FortiGuard Center page lists new version information for antivirus definitions. The System Status page also displays new dates and version numbers for the antivirus definitions. Messages are recorded to the event log indicating whether the update was successful or not.

Note: Updating antivirus definitions can cause a very short disruption in traffic currently being scanned while the FortiGate unit applies the new signature database. Schedule updates when traffic is light, for example overnight, to minimize any disruption.

For details on further FortiGuard configuration, see the FortiGate Administration Guide.

FortiGate-620B FortiOS 3.0 MR6 Install Guide

 

01-30006-83054-20081015

31

Page 30 Page 32
Image 31
Page 30 Page 32
Contents Install G U I D E Regulatory compliance TrademarksContents AMC modules Advanced configurationFortiGate Firmware Using the web-based managerInstalling firmware from a system reboot using the CLI Testing new firmware before installingPage Register your FortiGate unit IntroductionAbout the FortiGate-620B Lacp configurationAbout this document Addressipv4 Further ReadingDocument conventions Typographic conventionsFortinet Knowledge Center FortiGate Administration GuideComments on Fortinet technical documentation Customer service and technical supportCustomer service and technical support Environmental specifications InstallingRack mount instructions GroundingMounting To install the FortiGate unit into a rackPlugging in the FortiGate Connecting to the networkTo power on the FortiGate unit To power off the FortiGate unitNAT vs. Transparent mode ConfiguringNAT mode To connect to the web-based manager Connecting to the FortiGate unitTransparent mode Connecting to the web-based managerTo connect to the CLI Connecting to the CLITo configure interfaces Go to System Network Interface Configuring NAT modeUsing the web-based manager Configure the interfacesAdding a default route and gateway Configure a DNS serverAdding firewall policies To modify the default gateway Go to Router StaticTo set an interface to use a static address Using the CLITo set an interface to use Dhcp addressing To set an interface to use PPPoE addressing To configure DNS server settingsTo add an outgoing traffic firewall policy To modify the default gatewaySwitching to Transparent mode Configuring Transparent modeTo switch to Transparent mode Go to System Status Source Address All Destination Interface To switch to Transparent mode Backing up the configuration Verify the configurationSet the time and date Restoring a configurationAdditional configuration Set the Administrator passwordUpdating antivirus and IPS signatures Configure FortiGuardAdditional configuration Protection profiles Advanced configurationFirewall policies Firewall policiesAntivirus options Configuring firewall policiesAntiSpam options Web filtering Logging AMC modules Installing AMC filler unitsInstalling modules To install the filler moduleTo insert a module into a FortiGate chassis Using the AMC modulesRemoving modules Hard disk moduleExecute formatlogdisk Log configuration using the web-based managerTo format the ASM-S08 hard disk enter the following command Formatting the hard diskViewing logs Log configuration using the CLIChanging interfaces to operate in Sgmii or SerDes mode FortiAnalyzer command config log disk setting enableConfig system interface edit AMC-SW1/1 Set speed auto End Configure the speedUsing the AMC modules Downloading firmware FortiGate FirmwareUpgrading the firmware Using the web-based managerReverting to a previous version Using the USB Auto-Install Backup and Restore from a USB keyTo revert to a previous firmware version To upgrade the firmware using the CLI Using the CLIExecute ping To revert to a previous firmware version using the CLI Execute restore image namestr tftpip4Execute restore image image.out Execute update-nowExecute restore config namestr tftpip4 Installing firmware from a system reboot using the CLIExecute restore image namestr tftpipv4 Execute restore image image28.outEnter Tftp server address To install firmware from a system rebootExecute reboot Press any key to display configuration menuEnter File Name image.out Restoring the previous configurationTo backup configuration using the CLI Enter Local AddressTo restore configuration using the CLI Additional CLI Commands for a USB keyTo configure the USB Auto-Install using the CLI To test the new firmware image Testing new firmware before installingTesting new firmware before installing Testing new firmware before installing Index Web filtering 37 web-based manager Page Page

620B specifications

The Fortinet 620B is a state-of-the-art security appliance designed to provide comprehensive cybersecurity solutions for medium to large enterprises. As part of Fortinet's FortiGate series, the 620B combines advanced security features with robust performance capabilities, ensuring that organizations can protect their networks against an evolving threat landscape.

One of the standout features of the Fortinet 620B is its exceptional threat protection capabilities. The device utilizes Fortinet's proprietary FortiOS operating system, which integrates multiple security functions, including firewall, intrusion prevention system (IPS), virtual private network (VPN), and antivirus. This unified approach enables organizations to enforce consistent security policies across their network without compromising performance.

The FortiGate 620B is powered by Fortinet's purpose-built security processing unit (SPU) architecture, which significantly accelerates threat detection and mitigation processes. With multi-core processing capabilities, the device can handle high volumes of traffic while maintaining low latency, making it suitable for environments with heavy data flows. This performance is critical for organizations requiring real-time inspection of encrypted traffic, as the 620B offers strong decryption capabilities without sacrificing throughput.

In addition to its security features, the Fortinet 620B includes advanced networking technologies. The device supports software-defined networking (SDN) and integrates with Fortinet’s Security Fabric, allowing for enhanced visibility and control across the entire network ecosystem. This fabric architecture enables seamless communication between multiple devices, streamlining the management of security policies and improving overall network efficiency.

Another key characteristic of the FortiGate 620B is its scalability. Organizations can easily scale their deployment to meet growing demands by utilizing additional Fortinet appliances and services. The device also provides extensive reporting and analytics features, offering insights into network usage and security incidents, empowering security teams to make informed decisions.

Overall, the Fortinet 620B is an exceptional solution for organizations looking to strengthen their network security posture. With its combination of powerful threat protection, high performance, and advanced networking capabilities, it stands out as a reliable choice for safeguarding critical business operations in today's digital landscape. Its comprehensive feature set, combined with Fortinet's commitment to innovation, makes the FortiGate 620B a formidable asset for any cybersecurity strategy.
Top Page Image Contents