Configuring SSL VPN event-logging

Configuring a FortiGate SSL VPN

Cipher Strength

Select one of the following options to determine the level of SSL

 

encryption to use. The web browser on the remote client must be

 

capable of matching the level that you select:

 

• To use any cipher suite, select Any.

 

• To use a 164-bit or greater cipher suite, select High >= 164.

 

• To use a 128-bit or greater cipher suite, select Medium >= 128.

User Authentication

Select one of the following options to bind user groups to

Method

authentication methods:

 

• If the user group contains only local users, select Local.

 

• If the remote clients will be authenticated by an external

 

RADIUS server, select Radius.

 

• If the remote clients will be authenticated by an external LDAP

 

server, select LDAP.

 

• If the user group contains Local, RADIUS, and LDAP users,

 

select Any to enable all of the authentication methods. Local is

 

attempted first, then RADIUS, then LDAP.

Available Groups

Select the name of the user group requiring SSL VPN access, and

 

then select the right-pointing arrow. Do not select more than one

 

user group unless all members of the selected user groups have

 

identical access requirements.

3Select OK.

Note: If you apply a protection profile in a SSL VPN firewall policy, it will only apply to tunnel-mode operations.

4If the user group requires access to another server or network, create the IP destination address (see “To specify the destination IP address” on page 46) and repeat this procedure to create the required firewall policy.

5Create additional IP destination addresses and firewall policies if required for each additional user group.

Configuring SSL VPN event-logging

You can configure the FortiGate unit to log SSL VPN events. For information about how to interpret log messages, see the FortiGate Log Message Reference.

To log SSL VPN events

1Go to Log&Report > Log Config > Log Setting.

2Enable the storage of log messages to one or more of the following locations:

a FortiAnalyzer unit

the FortiGate system memory

a remote computer running a syslog server

Note: If available on your FortiGate unit, you can enable the storage of log messages to a system hard disk. In addition, as an alternative to the options listed above, you may choose to forward log messages to a remote computer running a WebTrends firewall reporting server. For more information about enabling either of these options through CLI commands, see the “log” chapter of the FortiGate CLI Reference.

3If the options are concealed, select the blue arrow beside each option to reveal and configure associated settings.

 

FortiOS v3.0 MR7 SSL VPN User Guide

48

01-30007-0348-20080718

Page 47 Page 49
Page 48
Image 48
Fortinet FORTIOS V3.0 MR7 manual Configuring SSL VPN event-logging, User Authentication, Available Groups
Page 47 Page 49

FORTIOS V3.0 MR7 specifications

Fortinet's FortiOS v3.0 MR7 marks a significant advancement in network security and management, providing organizations with enhanced features, technologies, and characteristics to better protect their IT environments. This version of FortiOS is designed to facilitate comprehensive security and optimized performance, ensuring that organizations can safeguard their networks against evolving threats.

One of the main features in FortiOS v3.0 MR7 is its robust firewall capabilities. The stateful firewall technology enables dynamic packet filtering based on predefined security policies. This strengthens the organization's perimeter defense by allowing or denying traffic based on user-defined rules. Additionally, the integrated Application Control feature extends the firewall's capabilities by identifying and controlling applications regardless of port usage, enabling organizations to enforce security policies on a finer-grained level.

FortiOS v3.0 MR7 also introduces advanced intrusion prevention system (IPS) functionalities. The next-generation IPS utilizes deep packet inspection and real-time threat intelligence to detect and block attacks before they can compromise the network. Coupled with Fortinet’s threat research team, which ensures timely updates of security signatures, this system helps organizations mitigate risks posed by sophisticated cyber threats.

Another key characteristic of FortiOS v3.0 MR7 is its enhanced VPN capabilities. The support for both SSL and IPsec VPN allows secure remote access for employees and offers flexible options for secure communication over the internet. This feature is essential for organizations that embrace remote work, ensuring that sensitive data remains protected regardless of the user's location.

In addition to its powerful security features, FortiOS v3.0 MR7 includes advanced reporting and logging capabilities. Users can generate detailed reports that highlight security events, traffic patterns, and performance metrics. This data not only improves visibility into network security but also assists in compliance with regulatory requirements.

Moreover, the platform's user-friendly interface enhances the overall management experience. Administrators can quickly configure settings, monitor activity, and respond to incidents effectively. With centralized management capabilities, FortiOS v3.0 MR7 allows organizations to manage multiple devices from a single console, simplifying operations and reducing administrative overhead.

In summary, Fortinet's FortiOS v3.0 MR7 integrates a wealth of security features, including a stateful firewall, advanced IPS, VPN support, and comprehensive reporting functions. Together, these technologies ensure that organizations can maintain a strong security posture in an increasingly complex threat landscape.
Top Page Image Contents