Configuring Transparent mode

Configuring

Configure a DNS server

A DNS server is a service that converts symbolic node names to IP addresses. A domain name server (DNS server) implements the protocol. In simple terms, it acts as a phone book for the Internet. A DNS server matches domain names with the computer IP address. This enables you to use readable locations, such as fortinet.com when browsing the Internet.

DNS server IP addresses are typically provided by your internet service provider.

To configure DNS server settings

config system dns

set autosvr {enable disable} set primary <address_ip>

set secondary <address_ip> end

Note if you set the autosvr to enable, you do not have to configure the primary or secondary DNS server IP addresses.

Adding firewall policies

Firewall policies enable traffic to flow through the FortiGate interfaces. Firewall policies define the FortiGate unit process the packets in a communication session. You can configure the firewall policies to allow only specific traffic, users and specific times when traffic is allowed.

For the initial installation, a single firewall policy that enables all traffic through will enable you to verify your configuration is working. On lower-end units such a default firewall policy is already in place. For the higher end FortiGate units, you will need to add a firewall policy.

The following steps add two policies that allows all traffic through the FortiGate unit, to enable you to continue testing the configuration on the network.

To add an outgoing traffic firewall policy

config firewall profile

edit <seq_num>

set srcintf <source_interface> set srcaddr <source_IP>

set dstintf <destination_interface> set dstaddr <destination_IP>

set schedule always set service ANY set action accept

end

To create an incoming traffic firewall policy, use the same commands with the addresses reversed.

Note that these policies allow all traffic through. No protection profiles have been applied. Ensure you create additional firewall policies to accommodate your network requirements.

 

FortiGate-3016B FortiOS 3.0 MR6 Install Guide

28

01-30006-0458-20080318

Page 28
Image 28
Fortinet 3016B manual To configure DNS server settings

3016B specifications

The Fortinet 3016B is a robust firewall solution designed to meet the dynamic security needs of modern enterprises. As part of the FortiGate product line, the 3016B combines advanced security features with high performance, catering to organizations that require reliability and efficiency in managing their network security.

One of the primary features of the Fortinet 3016B is its high throughput capabilities. It supports up to 40 Gbps of firewall throughput and an impressive 7.5 Gbps of intrusion prevention system (IPS) throughput. This ensures that even at peak network loads, the firewall can maintain strong performance without compromising security. This feature is particularly important for businesses that handle large volumes of data and require seamless connectivity for their operational efficiency.

The 3016B leverages Fortinet's proprietary FortiOS operating system, which is known for its user-friendly interface and comprehensive security functionalities. FortiOS includes a variety of tools such as a next-generation firewall (NGFW), antivirus protection, web filtering, and application control, all incorporated into a single platform. This consolidation helps in simplifying management while providing extensive security coverage against a wide array of cyber threats.

Moreover, the Fortinet 3016B incorporates advanced threat intelligence capabilities powered by FortiGuard Labs. This allows the firewall to stay updated with real-time threat feeds, enabling the organization to respond proactively to emerging threats and vulnerabilities. The integration of AI-driven analytics enhances anomaly detection and helps in identifying potential breaches before they can escalate.

Another notable characteristic of the 3016B is its scalability. Designed for medium to large enterprises, it can easily integrate into existing infrastructure and scale as business needs grow. With support for multiple virtual domains (VDOMs), organizations can create isolated environments for different departments or functions, maintaining policy separations while optimizing resource utilization.

In terms of connectivity, the Fortinet 3016B offers various interfaces, including multiple 1G and 10G Ethernet ports, ensuring flexible deployment options. The device also supports high availability (HA) configurations, which provide redundancy and minimize downtime.

Overall, the Fortinet 3016B is an exceptional solution that combines superior security features with high performance and scalability, making it a prime choice for organizations looking to strengthen their network security posture without sacrificing efficiency. With its comprehensive capabilities, it empowers businesses to tackle today’s cybersecurity challenges effectively.