Fortinet 310B manual Web filtering

Page 37

 

 

 

Advanced configuration

Web filtering

Banned word lists are specific words that may be typically found in email. The FortiGate unit searches for words or patterns in email messages. If matches are found, values assigned to the words are totalled. If the defined threshold value is exceeded, the message is marked as spam. If no match is found, the email message is passed along to the next filter.

You configure banned words by going to Antispam > Banned Word.

While FortiGuard services maintain a large list of known spammers, it is not perfect. In some cases, some mail tagged as spam is an individual you want to receive mail from, while email that is not caught by the spam filters or users you don’t want to receive email from gets through to your inbox.

White lists and black lists enable you to maintain a list of email addresses that you want (white list) or don’t want (black list) to receive email from. You can add or remove addresses from lists as required. The FortiGate unit uses both an IP address list and an email address list to filter incoming email, if enabled in the protection profile.

When performing an IP address list check, the FortiGate unit compares the IP address of the message's sender to the IP address list in sequence. If a match is found, the action associated with the IP address is taken. If no match is found, the message is passed to the next enabled spam filter.

When performing an email list check, the FortiGate unit compares the email address of the message's sender to the email address list in sequence. If a match is found, the action associated with the email address is taken. If no match is found, the message is passed to the next enabled antispam filter.

To configure black/white lists, go to AntiSpam > Black/White List.

You enable antispam options for each mail service (POP3, IMAP and SMTP) in the protection profile. To configure antispam protection profile settings, go to Firewall > Protection Profile. Select edit for a profile and select the Spam Filtering options.

For details on the antispam features and settings, see the FortiGate Administration Guide or the FortiGate Online Help.

Web filtering

Web filtering is a method of controlling what web sites are viewable by users. There are three main sections to web filtering: the Web Filter Content Block, the URL Filter, and the FortiGuard Web filter. Each interact with each other in such a way as to provide maximum control and protection for the Internet users.

Web filtering options are enabled and configured in the protection profile settings by going to Firewall > Protection Profile. Select edit for a profile and selecting either the FortiGuard Web Filtering options or the Web Filtering options. You need to register your FortiGate unit and purchase FortiGuard services to use FortiGuard Web Filtering.

Content blocking enables you to specify file types and words that the FortiGate unit should block when encountered. With web content block enabled, every requested web page is checked against the content block list. The score value of each pattern appearing on the page is added, and if the total is greater than the threshold value set in the protection profile, the page is blocked.

FortiGate-310B FortiOS 3.0 MR6 Install Guide

 

01-30006-0472-20080815

37

Page 36 Page 38
Image 37
Page 36 Page 38
Contents Install G U I D E Regulatory compliance TrademarksContents Protection profiles Firewall policies Configuring Transparent modeDownloading firmware Using the CLI Using the web-based managerInstalling firmware from a system reboot using the CLI Testing new firmware before installingPage Register your FortiGate unit IntroductionAbout the FortiGate-310B Lacp configurationAbout this document Document conventions Further ReadingTypographic conventions Addressipv4Fortinet Knowledge Center FortiGate Administration GuideComments on Fortinet technical documentation Customer service and technical supportCustomer service and technical support Environmental specifications InstallingRack mount instructions GroundingMounting Installed mounting brackets To install the FortiGate unit into a rackTo power on the FortiGate unit Connecting to the networkTo power off the FortiGate unit Plugging in the FortiGateNAT vs. Transparent mode ConfiguringNAT mode Transparent mode Connecting to the FortiGate unitConnecting to the web-based manager To connect to the web-based managerTo connect to the CLI Connecting to the CLIBits per second 9600 Data bits Parity Stop bits Flow controlUsing the web-based manager Configuring NAT modeConfigure the interfaces To configure interfaces Go to System Network InterfaceAdding a default route and gateway Configure a DNS serverInitial Padt Timeout Adding firewall policies To modify the default gateway Go to Router StaticSource Interface Source Address AllTo set an interface to use a static address Using the CLITo set an interface to use Dhcp addressing To set an interface to use PPPoE addressing To configure DNS server settingsTo add an outgoing traffic firewall policy To modify the default gatewaySwitching to Transparent mode Configuring Transparent modeTo switch to Transparent mode Go to System Status Source Address All Destination Interface To switch to Transparent mode Backing up the configuration Verify the configurationAdditional configuration Restoring a configurationSet the Administrator password Set the time and dateUpdating antivirus and IPS signatures Configure FortiGuardAdditional configuration Default protection profiles Advanced configurationProtection profiles Firewall policies Firewall policiesAntivirus options Configuring firewall policiesAntiSpam options Web filtering Logging Installing modules Installing AMC filler unitsTo install the filler module AMC modulesRemoving modules Using the AMC modulesHard disk module To insert a module into a FortiGate chassisTo format the ASM-S08 hard disk enter the following command Log configuration using the web-based managerFormatting the hard disk Execute formatlogdiskChanging interfaces to operate in Sgmii or SerDes mode Log configuration using the CLIViewing logs ASM-FB4 and ADM-XB2 modulesConfig system interface edit AMC-SW1/1 Set speed auto End Configure the speedUsing the AMC modules Downloading firmware FortiGate FirmwareUpgrading the firmware Using the web-based managerReverting to a previous version Using the USB Auto-Install Backup and Restore from a USB keyTo revert to a previous firmware version To upgrade the firmware using the CLI Using the CLIExecute ping Execute restore image image.out Execute restore image namestr tftpip4Execute update-now To revert to a previous firmware version using the CLIExecute restore image namestr tftpipv4 Installing firmware from a system reboot using the CLIExecute restore image image28.out Execute restore config namestr tftpip4Execute reboot To install firmware from a system rebootPress any key to display configuration menu Enter Tftp server addressTo backup configuration using the CLI Restoring the previous configurationEnter Local Address Enter File Name image.outTo restore configuration using the CLI Additional CLI Commands for a USB keyTo configure the USB Auto-Install using the CLI To test the new firmware image Testing new firmware before installingTesting new firmware before installing Testing new firmware before installing Index Web filtering 37 web-based manager Page Page

310B specifications

The Fortinet 310B is a powerful next-generation firewall (NGFW) designed to meet the evolving needs of modern enterprises. As part of Fortinet's Security Fabric, the 310B offers robust security features combined with high performance, enhancing network security while maintaining ease of use.

One of the standout features of the Fortinet 310B is its high throughput capability. With up to 10 Gbps of firewall throughput and an impressive IPS throughput of 3.5 Gbps, the device is optimized for handling heavy network traffic with minimal latency. This makes it suitable for both medium and large-scale environments, where performance and speed are critical.

The Fortinet 310B integrates a comprehensive suite of security technologies. At its core is FortiOS, the operating system that powers Fortinet’s security appliances. FortiOS includes advanced threat protection capabilities such as intrusion prevention system (IPS), deep packet inspection, and antivirus scanning. These features help protect against a wide range of threats, including malware, ransomware, and zero-day attacks, ensuring that networks are resilient against various cyber threats.

Another key characteristic of the Fortinet 310B is its multi-layered security architecture. The device supports a range of technologies such as SSL inspection, web filtering, and application control. By leveraging these functionalities, organizations can enforce granular security policies across different applications and users, improving overall visibility and control over the network environment.

The Fortinet 310B also incorporates FortiGate's unique Security Fabric technology, which enables seamless integration with other Fortinet products and third-party solutions. This interoperability allows for centralized management, simplified security operations, and enhanced threat intelligence sharing, creating a holistic security approach.

In addition to its security capabilities, the Fortinet 310B offers a variety of connectivity options, including multiple Ethernet ports and support for FortiLink, which allows for easy integration with FortiAP access points and FortiSwitches. This flexibility facilitates the deployment of secure network segments and wireless solutions.

The device also supports advanced features such as VPN capabilities for secure remote access, SD-WAN for optimizing network performance, and extensive reporting and logging for compliance and accountability. All these attributes make the Fortinet 310B a formidable choice for organizations looking to bolster their network security posture while maximizing operational efficiency. Overall, the Fortinet 310B stands out as a reliable and versatile solution in the realm of network security appliances.
Top Page Image Contents