内容配置文件

防火墙配置

 

 

默认的内容配置文件

FortiGate 设备具有以下四种默认的内容配置文件,它们位于防火墙 > 内容配置文 件。 您可以使用现有的内容配置文件或者创建您自的:

严谨

使用严谨的内容配置文件可以对 UHTTP, FTP, IMAP, POP3, 和 SMTP

 

等通讯的内容应用最大限度的防护。通常情况下您不需要使用严谨型

 

内容配置文件,是如果您受到病毒的严重威胁,需要最大限度地

 

病毒,可以选择严谨型内容配置文件。

扫描

使用扫描型内容配置文件可以对 HTTP、FTP、IMAP、POP3 和 SMTP 通讯的内

 

容应用防病毒扫描。同时,隔离功能也被启用了,并用于所有类型的服

 

务。在 FortiGate 设备中装备了一个硬盘,如果防病毒扫描功能发现了在某

 

个文件中有病毒,这个文件可以被隔离到 FortiGate 的硬盘上。系统管理员

 

可以根据需要决定是恢复被隔离的文件。

网页

使用网页型内容配置文件可以对 HTTP 通讯的内容应用防病毒扫描和网页内

 

容阻塞。您可以在控制 HTTP 通讯的防火墙策略中添加这一内容配置文件。

非过滤

如果您不希望对通讯内容加任何内容保护,可以选择非过滤型内容配置文

 

件。您可以在控制无须保护的通讯类型的防火墙策略上添加这一内容配置文

 

件,例如两个高度可信或高度安全的网络之间的通讯。

添加一个内容配置文件

如果默认的内容配置文件不能提供您所要求的保护,您可以创建新的内容配置文件 并根据您的需要定制它的内容。

1

进入 防火墙 > 内容配置文件。

2

单击新建。

 

 

3

输入一个配置文件名。

 

4

启用防病毒保护选项。

 

 

防病毒扫描

扫描网页, FTP 和邮件通讯中的病毒和蠕虫。请见 第 220 页

 

 

病毒扫描

 

文件阻塞

删除与文件阻塞样板匹配的文件,即使它们不包含病毒。只有发现了新

 

 

的,防病毒扫描功能无法检测的病毒时,您要启用这一功能。请

 

 

第 221 页 文件阻塞

 

隔离

隔离被阻塞和被感染的文件。

 

注意:如果防病毒扫描和文件阻塞功能启用了,FortiGate 设备将在文件被扫描病毒之前阻塞

 

与文件模板匹配的文件。

 

5

启用网页过滤选项。

 

 

 

网页 URL 阻塞

阻塞不受欢迎的网页和网站。这个选项将Fortinet URL 阻塞( 请见

 

 

第 229

阻塞对 URL 的访问) 和 Cerberian URL 过滤 ( 请见

 

 

第 231

使用 Cerberian 网页过滤器) 添加到策略接受的

 

 

HTTP 通讯中。

 

网页内容阻塞

阻塞包含不受欢迎的词汇或短语的网页。请见 第 228 内容阻

 

 

 

 

网页本过滤

从网页中删除脚本。请见 第 234 页 脚本过滤

 

网页排除列表

从网页过滤和病毒扫描中排除 URL。请见 第 235 页 URL 排除列

 

 

 

6 启用电子邮件过滤保护选项。

170

美国飞塔有限公司

Page 182
Image 182
Fortinet 500 manual 默认的内容配置文件, 添加一个内容配置文件, 170, 进入 防火墙 内容配置文件。

500 specifications

Fortinet 500 is a next-generation firewall (NGFW) that is part of Fortinet's acclaimed FortiGate family, designed to provide advanced security for medium to large enterprises. This appliance is known for its high performance, flexibility, and ability to protect networks from a variety of cyber threats through its robust features and technologies.

One of the main features of the Fortinet 500 is its integrated security capabilities. It combines multiple security functions into a single device, allowing organizations to manage everything from intrusion prevention and antivirus to web filtering and application control. This integration leads to simplified management and increased efficiency, as users can address multiple security needs without deploying multiple devices.

The Fortinet 500 runs on the FortiOS operating system, which is known for its simplicity and user-friendliness. FortiOS provides a centralized management interface that allows for the easy configuration and monitoring of security policies across the entire network. Additionally, the Fortinet management tools, such as FortiManager and FortiAnalyzer, enable detailed insights and reporting capabilities, helping organizations stay compliant with their security mandates.

Another characteristic that sets Fortinet 500 apart is its advanced threat intelligence, powered by the FortiGuard Labs. This global threat intelligence system continuously updates the firewall with the latest threat signatures and attack vectors, ensuring that organizations stay ahead of emerging threats. The firewall also employs machine learning and artificial intelligence to detect and mitigate sophisticated attacks in real-time.

Performance is crucial in any security appliance, and the Fortinet 500 does not disappoint. With hardware acceleration and purpose-built security processors, it delivers high throughput levels, enabling organizations to maintain productivity without sacrificing security. This level of performance is particularly beneficial in environments with heavy traffic and bandwidth demands.

In addition to these core features, the Fortinet 500 supports seamless integration with other security solutions within the Fortinet Security Fabric. This comprehensive approach allows for greater visibility and control over the entire security posture of an organization.

Overall, the Fortinet 500 is a powerful NGFW that offers a blend of advanced security features, ease of management, top-notch performance, and robust threat intelligence. Its ability to adapt to the ever-evolving landscape of cybersecurity makes it a valuable asset for businesses seeking to safeguard their digital assets and ensure seamless network operation.