系统配置

 

 

 

制替换信息

 

 

 

 

 

 

 

表 3: 替换信息片段

 

 

 

 

 

 

 

 

扫描

用于病毒扫描 (所有服务)。

 

 

 

 

 

 

 

片段开始

<**INFECTED**>

 

 

 

 

 

 

 

 

许的标签

%%FILE%%

 

被感染的文件的文件名。

 

 

 

 

 

 

 

 

 

%%VIRUS%%

 

感染文件的病毒名称。

 

 

 

 

 

 

 

 

 

%%URL%%

 

被阻塞的网页页面或文件的 URL。

 

 

 

 

 

 

 

 

片段结束

<**/BLOCKED**>

 

 

 

 

 

 

 

 

 

 

 

 

 

隔离

当隔离功能被启用时使用。(可以被电子邮件的阻塞服务和所有的扫描服务

 

 

 

使用。)

 

 

 

 

 

 

 

 

片段开始

<**QUARANTINE**>

 

 

 

 

 

 

 

 

许的标签

%%QUARFILENAME

 

被隔离的文件的文件名。

 

 

 

%%

 

 

 

 

 

 

 

 

 

片段结束

<**/QUARANTINE**>

 

邮件

 

 

 

 

 

 

 

 

 

 

 

定制报警邮件可以控制发送给系统管理员的报警邮件的内容。

1

进入 系统 > 配置 > 换信息。

 

 

2

对于您要定制的报警邮件信息,单击修改 。

3

在消息设置对话,编辑消息的文本。

 

表 4 列出了可以添加到报警邮件的替换信息片段和每个片段的标签的书写方法。对于

 

合法的标签您还可以添加任何文字和 HTML 编码。

4

单击确定以保存您所做的任何修改。

表 4: 报警邮件消息的片段

NIDS

用于 NIDS 事件报警邮件。

 

 

 

片段开始

<**NIDS_EVENT**>

 

 

 

 

许的标签

%%NIDS_EVENT%%

NIDS 攻击消息。

 

 

 

片段结束

<**/NIDS_EVENT**>

 

 

 

 

 

 

 

病毒警报

用于病毒警报邮件消息

 

 

 

 

片段开始

<**VIRUS_ALERT**>

 

 

 

 

许的标签

%%VIRUS%%

病毒名称。

 

 

 

 

%%PROTOCOL%%

检测到病毒的服务。

 

 

 

 

%%SOURCE_IP%%

接收到病毒所来自的 IP 地址。对于电子邮件,这

 

 

个 IP 地址是发送包含病毒的电子邮件的邮件服务

 

 

器的地址。对于 HTTP 协议数据流这是发送病毒的

 

 

网页的 IP 地址。

 

 

 

 

%%DEST_IP%%

会接收到病毒的计算机的 IP 地址。对于 POP3 协议

 

 

这是试图下载含有病毒的电子邮件的用户的计算机

 

 

的 IP 地址。

 

 

 

 

%%EMAIL_FROM%%

发现带有病毒的消息的发件人的邮件地址。

 

 

 

 

%%EMAIL_TO%%

发现被病毒感染的消息的收件人的邮件地址。

 

 

 

FortiGate-500 安装和配置指南

141

Page 153
Image 153
Fortinet 500 manual 141, 报警邮件消息的片段 Nids 事件, 病毒警报

500 specifications

Fortinet 500 is a next-generation firewall (NGFW) that is part of Fortinet's acclaimed FortiGate family, designed to provide advanced security for medium to large enterprises. This appliance is known for its high performance, flexibility, and ability to protect networks from a variety of cyber threats through its robust features and technologies.

One of the main features of the Fortinet 500 is its integrated security capabilities. It combines multiple security functions into a single device, allowing organizations to manage everything from intrusion prevention and antivirus to web filtering and application control. This integration leads to simplified management and increased efficiency, as users can address multiple security needs without deploying multiple devices.

The Fortinet 500 runs on the FortiOS operating system, which is known for its simplicity and user-friendliness. FortiOS provides a centralized management interface that allows for the easy configuration and monitoring of security policies across the entire network. Additionally, the Fortinet management tools, such as FortiManager and FortiAnalyzer, enable detailed insights and reporting capabilities, helping organizations stay compliant with their security mandates.

Another characteristic that sets Fortinet 500 apart is its advanced threat intelligence, powered by the FortiGuard Labs. This global threat intelligence system continuously updates the firewall with the latest threat signatures and attack vectors, ensuring that organizations stay ahead of emerging threats. The firewall also employs machine learning and artificial intelligence to detect and mitigate sophisticated attacks in real-time.

Performance is crucial in any security appliance, and the Fortinet 500 does not disappoint. With hardware acceleration and purpose-built security processors, it delivers high throughput levels, enabling organizations to maintain productivity without sacrificing security. This level of performance is particularly beneficial in environments with heavy traffic and bandwidth demands.

In addition to these core features, the Fortinet 500 supports seamless integration with other security solutions within the Fortinet Security Fabric. This comprehensive approach allows for greater visibility and control over the entire security posture of an organization.

Overall, the Fortinet 500 is a powerful NGFW that offers a blend of advanced security features, ease of management, top-notch performance, and robust threat intelligence. Its ability to adapt to the ever-evolving landscape of cybersecurity makes it a valuable asset for businesses seeking to safeguard their digital assets and ensure seamless network operation.