Advanced configuration

Protection profiles

Advanced configuration

The FortiGate unit and the FortiOS operating system provide a wide range of features that enable you to control network and internet traffic and protect your network. This chapter describes some of these options and how to configure them.

This chapter includes

Protection profiles

Firewall policies

Antivirus options

AntiSpam options

Web filtering

Logging

Protection profiles

A protection profile is a group of settings you can adjust to suit your requirements for network protection. Since protection profiles apply different protection settings to traffic controlled by firewall policies, you can tailor the settings to the type of traffic each policy handles.

Use protection profiles to configure:

antivirus protection

web filtering

web category filtering

spam filtering

content archiving

instant messaging filtering and access control

P2P access and bandwidth control

logging options for policies and configurations within the policies

rate limiting for VoIP protocols.

Using protection profiles, you can customize types and levels of protection for different firewall policies.

For example, while traffic between internal and external addresses might need strict protection, traffic between trusted internal addresses might need moderate protection. You can configure policies for different traffic services to use the same or different protection profiles.

The FortiGate unit is preconfigured with four default protection profiles. In many cases you can use these default protection profiles, or use them as a starting point in creating your own.

Table 1: Default protection profiles

Strict Applies maximum protection to HTTP, FTP, IMAP, POP3, and SMTP traffic. The strict protection profile may not be useful under normal circumstances but it is available when maximum protection is required.

Scan Apply virus scanning to HTTP, FTP, IMAP, POP3, and SMTP traffic.

FortiGate-110C FortiOS 3.0 MR6 Install Guide

 

01-30006-0481-20080728

31

Page 33
Image 33
Fortinet 110C manual Advanced configuration, Protection profiles

110C specifications

The Fortinet 110C is a robust security appliance designed to provide comprehensive protection for small to medium-sized enterprises. It offers advanced security features combined with high-performance networking capabilities, making it an ideal choice for businesses looking to safeguard their digital assets while maintaining efficient network operations.

One of the standout features of the Fortinet 110C is its FortiOS operating system, which provides a unified security platform that integrates various security functionalities. This operating system supports firewall, VPN, intrusion prevention system (IPS), antivirus, and web filtering features, all managed from a single interface. This integration simplifies security management while enhancing overall performance.

The Fortinet 110C is equipped with an impressive throughput capacity, capable of managing up to 5 Gbps of firewall traffic and 1.5 Gbps of VPN throughput. This high performance ensures that businesses experience minimal latency and interruption, even during peak usage periods. The device also supports up to 100,000 concurrent sessions, which is crucial for organizations experiencing increases in network traffic or user connections.

In terms of connectivity, the Fortinet 110C features multiple Ethernet ports, including both WAN and LAN options, allowing for flexible network setups. The appliance supports VLAN configurations, enabling businesses to segment their networks for better security and traffic management. Additionally, the Fortinet 110C offers advanced routing features such as static and dynamic routing, which further enhances its functionality.

Security is paramount, and the Fortinet 110C excels with its comprehensive threat detection and prevention capabilities. Its Intrusion Prevention System (IPS) is designed to detect and neutralize threats in real-time, ensuring that sensitive business data remains protected. Moreover, the integrated antivirus engine scans traffic for malicious content, effectively blocking threats before they reach the network.

For businesses concerned about compliance, the Fortinet 110C includes features that support various regulatory requirements, such as logging and reporting capabilities. This ensures that organizations can maintain records of their network activity and meet audit requirements.

The Fortinet 110C also supports FortiGuard services, providing continuous updates to the security landscape. This ensures that the appliance is equipped to handle emerging threats, reinforcing the organization's security posture.

In conclusion, the Fortinet 110C is a powerful network security appliance that combines advanced security features with high performance. Its integration capabilities, impressive throughput, and robust security measures make it an optimal choice for small to medium-sized businesses looking to enhance their network security while maintaining operational efficiency. With FortiOS at its core and support for a wide range of security functionalities, the 110C stands out as a reliable solution in the ever-evolving cybersecurity landscape.