虚拟 IP

防火墙配置

 

 

8 IP 地址 一栏中,需要输入在目的网络上的 实 IP 地址

例如,实 IP 地址可以是位于您的内部网络中的 Web 服务器的地址。

9 到端口 设置为转发数据包时要给它们添加的端口号。 如果您不希望转换端口,可以输入和外部服务端口相同的端口号。

如果您希望转换端口,输入要转换到的目的端口的端口号,当数据包被防火墙转发时, 它们的目的端口将被按这个号码被修改。

10选择被转发的端口所要使用的 协议

11单击 确定 以保存端口转发虚拟 IP。

图 13: 添加端口转发虚拟 IP

添加使用虚拟 IP 的策略

 

如下步骤添加使用虚拟 IP 转发数据包的策略。

1

进入 防火墙 > 策略

2

选择要添加的策略的 类型

 

·源接口须匹配于外部接口列表中选中的接口。

 

·目的区域须匹配于映到的 IP 地址所在网络相连接的接口。

3

使用以下信息配置策略。

 

源地址

选择用户可以用访问服务器的源地址

 

目的地址

选择虚拟 IP。

 

任务计划

根据需要选择任务计划

 

服务

选择的服务应当对应于您选择的端口转发虚拟 IP 所映到的服务

164

美国飞塔有限公司

Page 176
Image 176
Fortinet 500 manual 添加使用虚拟 Ip 的策略, 164

500 specifications

Fortinet 500 is a next-generation firewall (NGFW) that is part of Fortinet's acclaimed FortiGate family, designed to provide advanced security for medium to large enterprises. This appliance is known for its high performance, flexibility, and ability to protect networks from a variety of cyber threats through its robust features and technologies.

One of the main features of the Fortinet 500 is its integrated security capabilities. It combines multiple security functions into a single device, allowing organizations to manage everything from intrusion prevention and antivirus to web filtering and application control. This integration leads to simplified management and increased efficiency, as users can address multiple security needs without deploying multiple devices.

The Fortinet 500 runs on the FortiOS operating system, which is known for its simplicity and user-friendliness. FortiOS provides a centralized management interface that allows for the easy configuration and monitoring of security policies across the entire network. Additionally, the Fortinet management tools, such as FortiManager and FortiAnalyzer, enable detailed insights and reporting capabilities, helping organizations stay compliant with their security mandates.

Another characteristic that sets Fortinet 500 apart is its advanced threat intelligence, powered by the FortiGuard Labs. This global threat intelligence system continuously updates the firewall with the latest threat signatures and attack vectors, ensuring that organizations stay ahead of emerging threats. The firewall also employs machine learning and artificial intelligence to detect and mitigate sophisticated attacks in real-time.

Performance is crucial in any security appliance, and the Fortinet 500 does not disappoint. With hardware acceleration and purpose-built security processors, it delivers high throughput levels, enabling organizations to maintain productivity without sacrificing security. This level of performance is particularly beneficial in environments with heavy traffic and bandwidth demands.

In addition to these core features, the Fortinet 500 supports seamless integration with other security solutions within the Fortinet Security Fabric. This comprehensive approach allows for greater visibility and control over the entire security posture of an organization.

Overall, the Fortinet 500 is a powerful NGFW that offers a blend of advanced security features, ease of management, top-notch performance, and robust threat intelligence. Its ability to adapt to the ever-evolving landscape of cybersecurity makes it a valuable asset for businesses seeking to safeguard their digital assets and ensure seamless network operation.