Fortinet 620B manual Web filtering

Page 37

 

 

 

Advanced configuration

Web filtering

Banned word lists are specific words that may be typically found in email. The FortiGate unit searches for words or patterns in email messages. If matches are found, values assigned to the words are totalled. If the defined threshold value is exceeded, the message is marked as spam. If no match is found, the email message is passed along to the next filter.

You configure banned words by going to Antispam > Banned Word.

While FortiGuard services maintain a large list of known spammers, it is not perfect. In some cases, some mail tagged as spam is an individual you want to receive mail from, while email that is not caught by the spam filters or users you don’t want to receive email from gets through to your inbox.

White lists and black lists enable you to maintain a list of email addresses that you want (white list) or don’t want (black list) to receive email from. You can add or remove addresses from lists as required. The FortiGate unit uses both an IP address list and an email address list to filter incoming email, if enabled in the protection profile.

When performing an IP address list check, the FortiGate unit compares the IP address of the message's sender to the IP address list in sequence. If a match is found, the action associated with the IP address is taken. If no match is found, the message is passed to the next enabled spam filter.

When performing an email list check, the FortiGate unit compares the email address of the message's sender to the email address list in sequence. If a match is found, the action associated with the email address is taken. If no match is found, the message is passed to the next enabled antispam filter.

To configure black/white lists, go to AntiSpam > Black/White List.

You enable antispam options for each mail service (POP3, IMAP and SMTP) in the protection profile. To configure antispam protection profile settings, go to Firewall > Protection Profile. Select edit for a profile and select the Spam Filtering options.

For details on the antispam features and settings, see the FortiGate Administration Guide or the FortiGate Online Help.

Web filtering

Web filtering is a method of controlling what web sites are viewable by users. There are three main sections to web filtering: the Web Filter Content Block, the URL Filter, and the FortiGuard Web filter. Each interact with each other in such a way as to provide maximum control and protection for the Internet users.

Web filtering options are enabled and configured in the protection profile settings by going to Firewall > Protection Profile. Select edit for a profile and selecting either the FortiGuard Web Filtering options or the Web Filtering options. You need to register your FortiGate unit and purchase FortiGuard services to use FortiGuard Web Filtering.

Content blocking enables you to specify file types and words that the FortiGate unit should block when encountered. With web content block enabled, every requested web page is checked against the content block list. The score value of each pattern appearing on the page is added, and if the total is greater than the threshold value set in the protection profile, the page is blocked.

FortiGate-620B FortiOS 3.0 MR6 Install Guide

 

01-30006-83054-20081015

37

Page 36 Page 38
Image 37
Page 36 Page 38
Contents Install G U I D E Regulatory compliance TrademarksContents AMC modules Advanced configurationInstalling firmware from a system reboot using the CLI Using the web-based managerTesting new firmware before installing FortiGate FirmwarePage Register your FortiGate unit IntroductionAbout the FortiGate-620B Lacp configurationAbout this document Document conventions Further ReadingTypographic conventions Addressipv4Fortinet Knowledge Center FortiGate Administration GuideComments on Fortinet technical documentation Customer service and technical supportCustomer service and technical support Environmental specifications InstallingRack mount instructions GroundingMounting To install the FortiGate unit into a rackTo power on the FortiGate unit Connecting to the networkTo power off the FortiGate unit Plugging in the FortiGateNAT vs. Transparent mode ConfiguringNAT mode Transparent mode Connecting to the FortiGate unitConnecting to the web-based manager To connect to the web-based managerTo connect to the CLI Connecting to the CLIUsing the web-based manager Configuring NAT modeConfigure the interfaces To configure interfaces Go to System Network InterfaceAdding a default route and gateway Configure a DNS serverAdding firewall policies To modify the default gateway Go to Router StaticTo set an interface to use a static address Using the CLITo set an interface to use Dhcp addressing To set an interface to use PPPoE addressing To configure DNS server settingsTo add an outgoing traffic firewall policy To modify the default gatewaySwitching to Transparent mode Configuring Transparent modeTo switch to Transparent mode Go to System Status Source Address All Destination Interface To switch to Transparent mode Backing up the configuration Verify the configurationAdditional configuration Restoring a configurationSet the Administrator password Set the time and dateUpdating antivirus and IPS signatures Configure FortiGuardAdditional configuration Protection profiles Advanced configurationFirewall policies Firewall policiesAntivirus options Configuring firewall policiesAntiSpam options Web filtering Logging Installing modules Installing AMC filler unitsTo install the filler module AMC modulesRemoving modules Using the AMC modulesHard disk module To insert a module into a FortiGate chassisTo format the ASM-S08 hard disk enter the following command Log configuration using the web-based managerFormatting the hard disk Execute formatlogdiskChanging interfaces to operate in Sgmii or SerDes mode Log configuration using the CLIFortiAnalyzer command config log disk setting enable Viewing logsConfig system interface edit AMC-SW1/1 Set speed auto End Configure the speedUsing the AMC modules Downloading firmware FortiGate FirmwareUpgrading the firmware Using the web-based managerReverting to a previous version Using the USB Auto-Install Backup and Restore from a USB keyTo revert to a previous firmware version To upgrade the firmware using the CLI Using the CLIExecute ping Execute restore image image.out Execute restore image namestr tftpip4Execute update-now To revert to a previous firmware version using the CLIExecute restore image namestr tftpipv4 Installing firmware from a system reboot using the CLIExecute restore image image28.out Execute restore config namestr tftpip4Execute reboot To install firmware from a system rebootPress any key to display configuration menu Enter Tftp server addressTo backup configuration using the CLI Restoring the previous configurationEnter Local Address Enter File Name image.outTo restore configuration using the CLI Additional CLI Commands for a USB keyTo configure the USB Auto-Install using the CLI To test the new firmware image Testing new firmware before installingTesting new firmware before installing Testing new firmware before installing Index Web filtering 37 web-based manager Page Page
Top Page Image Contents