Manuals / Fortinet / Computer Equipment / Network Card

Fortinet 800/800F manual Antivirus options, Configuring firewall policies

Models: 800/800F

1 54
Download 54 pages 6.72 Kb
Page 33
Image 33

 

 

Advanced configuration

Antivirus options

Configuring firewall policies

To add or edit a firewall policy go to Firewall > Policy and select Edit on an existing policy, or select Create New to add a policy.

The source and destination Interface/Zone match the firewall policy with the source and destination of a communication session. The Address Name matches the source and destination address of the communication session.

Schedule defines when the firewall policy is enabled. While most policies are always on, you can configure a firewall policy so that it is only on at specific times of the day. For example, you may want to block news and entertainment sites most of the day, except during lunch or after work, enabling your employees to only view those sites during non-working times.

Service matches the firewall policy with the service used by a communication session. This enables you to configure a policy for general web surfing and a different policy specifically for other traffic such as SMTP mail or FTP uploads and downloads.

Action defines how the FortiGate unit processes traffic. Specify an action to accept or deny traffic or configure a firewall encryption policy.

Add ACCEPT policies that accept communication sessions. Using an accept policy, you can apply FortiGate features such as virus scanning and authentication to the communication session accepted by the policy.

Add DENY policies to deny communication sessions.

Add IPSec encryption policies to enable IPSec tunnel mode VPN traffic and SSL VPN encryption policies to enable SSL VPN traffic. Firewall encryption policies determine which types of IP traffic will be permitted during an IPSec or SSL VPN session.

Select Protection Profile to include apply a protection profile to the firewall policy for scanning of traffic passing through the FortiGate unit.

For details on the firewall policies features and settings, see the FortiGate Administration Guide or the FortiGate Online Help.

Antivirus options

The FortiGate unit’s antivirus configuration prevents malicious files from entering and infecting your network environment.

The FortiGate unit uses a number of processes to scan files to ensure unwanted files and potential attackers do not get through. The FortiGate unit scans using these antivirus options:

File pattern - The FortiGate will check the file against the file pattern setting you have configured. You can set which file names or file types the FortiGate unit looks for in the incoming traffic.

Virus scan - The virus definitions are kept up to date through the FortiNet Distribution Network. The list is updated on a regular basis so you do not have to wait for a firmware upgrade. Note that you must register the FortiGate unit to and purchase FortiGuard services to use virus scanning through the FDN.

FortiGate-800 and FortiGate-800F FortiOS 3.0 MR6 Install Guide

 

01-30006-0455-20080910

33

Page 32 Page 34
Page 33
Image 33
Fortinet 800/800F manual Antivirus options, Configuring firewall policies
Page 32 Page 34

800/800F specifications

Fortinet has established itself as a leader in cybersecurity solutions, and the FortiGate 800/800F series is a testament to this reputation. These next-generation firewalls are designed to deliver high-performance security for enterprise-level networks, providing a robust defense against a multitude of cyber threats.

One of the standout features of the FortiGate 800/800F is its advanced security processing unit (SPU) architecture, which ensures unparalleled threat detection and prevention capabilities. The inclusion of purpose-built chips allows for deep packet inspection at high speeds without hindering network performance. This architecture enables organizations to maintain high throughput while applying comprehensive security policies.

The FortiGate 800/800F series supports a wide array of security features, including intrusion prevention system (IPS), web filtering, and antivirus capabilities. These functionalities work together to monitor and protect against a range of cyber threats, from malware to sophisticated DDoS attacks. Additionally, the firewalls are equipped with FortiSandbox integration, providing automated malware analysis and ensuring that zero-day threats are effectively identified and neutralized in real-time.

In terms of networking capabilities, the FortiGate firewalls support advanced routing protocols, enabling seamless integration into existing network infrastructures. The series also includes support for VPN functionalities, which are crucial for secure remote access. With features like SSL inspection and secure SD-WAN, businesses can leverage flexible connectivity options while ensuring that sensitive data remains protected.

The FortiOS operating system enhances the FortiGate 800/800F series with centralized management capabilities, allowing administrators to configure and monitor security policies with ease. The intuitive user interface simplifies complex tasks, aiding in the rapid deployment and scalability of security measures across large networks.

High availability and redundancy features are also integral to the FortiGate 800/800F design. The series supports active-active and active-passive configurations, ensuring continuous protection and minimizing downtime during maintenance or unexpected failures.

In summary, the FortiGate 800/800F series stands out for its powerful performance, advanced security features, and robust networking capabilities. Organizations seeking to bolster their cybersecurity posture will find these firewalls to be invaluable tools in safeguarding their digital environments and ensuring business continuity in an increasingly complex threat landscape.