Factory default FortiGate configuration settings | Getting started |
|
|
Table 4: Factory default firewall configuration (Continued)
| Action |
| ACCEPT | The policy action. ACCEPT means that the policy |
|
|
|
| allows connections. |
| ; NAT |
|
| NAT is selected for the NAT/Route mode default |
|
|
|
| policy so that the policy applies network address |
|
|
|
| translation to the traffic processed by the policy. |
|
|
|
| NAT is not available for Transparent mode policies. |
| Traffic Shaping | Traffic shaping is not selected. The policy does not | ||
|
|
|
| apply traffic shaping to the traffic controlled by the |
|
|
|
| policy. You can select this option to control the |
|
|
|
| maximum or minimum amount of bandwidth |
|
|
|
| available to traffic processed by the policy. |
| Authentication | Authentication is not selected. Users do not have to | ||
|
|
|
| authenticate with the firewall before connecting to |
|
|
|
| their destination address. You can configure user |
|
|
|
| groups and select this option to require users to |
|
|
|
| authenticate with the firewall before they can |
|
|
|
| connect through the firewall. |
| Antivirus & Web Filter | Antivirus & Web Filter is not selected. This policy | ||
|
|
|
| does not include a content profile that applies |
|
|
|
| antivirus protection, web content filtering, or email |
|
|
|
| filtering to content traffic processed by this policy. |
|
|
|
| You can select this option and select a content |
|
|
|
| profile to apply different levels of content protection |
|
|
|
| to traffic processed by this policy. |
| Log Traffic |
| Log Traffic is not selected. This policy does not | |
|
|
|
| record messages to the traffic log for the traffic |
|
|
|
| processed by this policy. You can configure |
|
|
|
| FortiGate logging and select Log Traffic to record all |
|
|
|
| connections through the firewall that are accepted |
|
|
|
| by this policy. |
Factory default content profiles
You can use content profiles to apply different protection settings for content traffic controlled by firewall policies. You can use content profiles for:
•Antivirus protection of HTTP, FTP, IMAP, POP3, and SMTP network traffic
•Web content filtering for HTTP network traffic
•Email filtering for IMAP and POP3 network traffic
•Oversized file and email blocking for HTTP, FTP, POP3, SMTP, and IMAP network traffic
•Passing fragmented emails in IMAP, POP3, and SMTP email traffic
Using content profiles you can build up protection configurations that can be easily applied to different types of Firewall policies. This allows you to customize different types and different levels of protection for different firewall policies.
For example, while traffic between internal and external addresses might need strict protection, traffic between trusted internal addresses might need moderate protection. You can configure policies for different traffic services to use the same or different content profiles.
Content profiles can be added to NAT/Route mode and Transparent mode policies.
36 | Fortinet Inc. |
