Launching web portal applications

Working with the web portal

In the Tools area, you can connect to a web server or start a telnet session. You can also check connectivity to a host or server on the network behind the FortiGate unit. For more information, see “Starting a session from the Tools area”.

The FortiGate unit forwards client requests to servers on the Internet or internal network. To use the web-portal applications, you add the URL, IP address, or name of the server application to the My Bookmarks list (see “Adding a bookmark to the My Bookmarks list”).

Note: If you want to access a web server or telnet server without first adding a bookmark to the My Bookmarks list, type the URL or IP address of the server into the appropriate field under Tools instead (see “Starting a session from the Tools area”).

One or more of the following server applications may be available to you, depending on whether they were installed by the server administrator:

•Web servers (HTTP/HTTPS) download HTML pages in response to web browser requests.

•Telnet servers (TCP/IP Terminal Emulation Protocol) enable you to use your computer as a virtual terminal to log in to a remote host.

•FTP (File Transfer Protocol) servers enable you to transfer files between your computer and a remote host.

•SMB/CIFS servers implement the Server Message Block (SMB) protocol to support file sharing between your computer and a remote server host.

•VNC (Virtual Network Computing) servers enable you to remotely control another computer, for example, accessing work from your home computer.

•RDP (Remote Desktop Protocol) servers have a multi-channel protocol that allows users to connect to computers running Microsoft Terminal Services.

•SSH (Secure Shell) servers enable you to exchange data between two computers using a secure channel.

Note: Windows file sharing through SMB/CIFS is supported through shared directories.

When you access any of these server applications, the server may prompt you for a user name and password. To log in, you must have a user account created by the server administrator.

URL re-writing

When a FortiGate unit forwards client requests to servers on the Internet or internal network, there may be a requirement to access a site with a name or address that should not be exposed. For HTTP/HTTPS, the FortiGate unit employs an obfuscation technique that encrypts the hostname with a random key using AES-128, then the corresponding hex value plus ‘Z’ is added at the beginning to form the encoded name.

For example, in the case of the URL http://test.org/index.html, the FortiGate unit would translate to the following:

https://<sslvpn_host:port>/proxy/http/Z<encrypted hex value>/index.html

	FortiOS v3.0 MR7 SSL VPN User Guide
68	01-30007-0348-20080718

FORTIOS V3.0 MR7 specifications

Fortinet's FortiOS v3.0 MR7 marks a significant advancement in network security and management, providing organizations with enhanced features, technologies, and characteristics to better protect their IT environments. This version of FortiOS is designed to facilitate comprehensive security and optimized performance, ensuring that organizations can safeguard their networks against evolving threats.

One of the main features in FortiOS v3.0 MR7 is its robust firewall capabilities. The stateful firewall technology enables dynamic packet filtering based on predefined security policies. This strengthens the organization's perimeter defense by allowing or denying traffic based on user-defined rules. Additionally, the integrated Application Control feature extends the firewall's capabilities by identifying and controlling applications regardless of port usage, enabling organizations to enforce security policies on a finer-grained level.

FortiOS v3.0 MR7 also introduces advanced intrusion prevention system (IPS) functionalities. The next-generation IPS utilizes deep packet inspection and real-time threat intelligence to detect and block attacks before they can compromise the network. Coupled with Fortinet’s threat research team, which ensures timely updates of security signatures, this system helps organizations mitigate risks posed by sophisticated cyber threats.

Another key characteristic of FortiOS v3.0 MR7 is its enhanced VPN capabilities. The support for both SSL and IPsec VPN allows secure remote access for employees and offers flexible options for secure communication over the internet. This feature is essential for organizations that embrace remote work, ensuring that sensitive data remains protected regardless of the user's location.

In addition to its powerful security features, FortiOS v3.0 MR7 includes advanced reporting and logging capabilities. Users can generate detailed reports that highlight security events, traffic patterns, and performance metrics. This data not only improves visibility into network security but also assists in compliance with regulatory requirements.

Moreover, the platform's user-friendly interface enhances the overall management experience. Administrators can quickly configure settings, monitor activity, and respond to incidents effectively. With centralized management capabilities, FortiOS v3.0 MR7 allows organizations to manage multiple devices from a single console, simplifying operations and reducing administrative overhead.

In summary, Fortinet's FortiOS v3.0 MR7 integrates a wealth of security features, including a stateful firewall, advanced IPS, VPN support, and comprehensive reporting functions. Together, these technologies ensure that organizations can maintain a strong security posture in an increasingly complex threat landscape.

Fortinet FORTIOS V3.0 MR7 manual Launching web portal applications, URL re-writing

Models: FORTIOS V3.0 MR7