VLANs and virtual domains | Introduction |
|
|
NAT/Route mode
In NAT/Route mode, you can create NAT mode policies and Route mode policies.
•NAT mode policies use network address translation to hide the addresses in a more secure network from users in a less secure network.
•Route mode policies accept or deny connections between networks without performing address translation.
Transparent mode
Transparent mode provides the same basic firewall protection as NAT mode. Packets that the FortiGate unit receives are forwarded or blocked according to firewall policies. The FortiGate unit can be inserted in the network at any point without having to make changes to your network or its components. However, VPN and some advanced firewall features are available only in NAT/Route mode.
VLANs and virtual domains
Fortigate Antivirus Firewalls support IEEE
The FortiGate unit supports VLANs in NAT/Route and Transparent mode. In NAT/Route mode, you enter VLAN subinterfaces to receive and send VLAN packets. In Transparent mode, you create virtual domains and then add VLAN subinterfaces to those virtual domains.
Network intrusion detection
The FortiGate Network Intrusion Detection System (NIDS) is a
NIDS prevention detects and prevents many common denial of service and packet- based attacks. You can enable and disable prevention attack signatures and customize attack signature thresholds and other parameters.
To notify system administrators of the attack, the NIDS records the attack and any suspicious traffic to the attack log, and can be configured to send alert emails.
Fortinet updates NIDS attack definitions periodically. You can download and install updated attack definitions manually or you can configure the FortiGate unit to automatically check for and download attack definition updates.
18 | Fortinet Inc. |
