Create a Simple Remote Access IPSec Tunnel Capability
This video is a brief introduction on how to create a Remote Access (Split Tunnel) IPSec tunnel so that remote users can IPSec into the network and access resources.
View ArticleConfigure IPS options
Configure IPS options The following IPS configuration options are available: Malicious URL database for drive-by exploits detection Customizable replacement message when IPS blocks traffic Hardware...
View ArticleEnable IPS packet logging
Enable IPS packet logging Packet logging saves the network packets containing the traffic matching an IPS signature to the attack log. The FortiGate unit will save the logged packets to wherever the...
View ArticleCustom Application & IPS Signatures
Custom Application & IPS Signatures Creating a custom IPS signature The FortiGate predefined signatures cover common attacks. If you use an unusual or specialized application or an uncommon...
View ArticleCreating a custom signature to block access to example.com
Creating a custom signature to block access to example.com In this first example, you will create a custom signature to block access to the example.com URL. This example describes the use of the custom...
View ArticleCreating a custom signature to block the SMTP “vrfy” command
Creating a custom signature to block the SMTP “vrfy” command The SMTP “vrfy” command can be used to verify the existence of a single email address or to list all of the valid email accounts on an email...
View ArticleCreating a custom signature to block files according to the file’s hash value
Creating a custom signature to block files according to the file’s hash value In this example, you will create a custom signature that allows you to specify a hash value (or checksum) of a file that...
View ArticleAnti-Spam filter
Anti-Spam filter This section describes how to configure FortiGate email filtering for IMAP, POP3, and SMTP email. Email filtering includes both spam filtering and filtering for any words or files you...
View ArticleAnti-Spam examples
Anti–Spam examples Configuring simple Anti-Spam protection Small offices, whether they are small companies, home offices, or satellite offices, often have very simple needs. This example details how...
View ArticleData leak prevention
Data leak prevention The FortiGate data leak prevention (DLP) system allows you to prevent sensitive data from leaving your network. When you define sensitive data patterns, data matching these...
View ArticleData leak prevention concepts
Data leak prevention concepts Data leak prevention examines network traffic for data patterns you specify. You define whatever patterns you want the FortiGate unit to look for in network traffic. The...
View ArticleDLP archiving
DLP archiving DLP is typically used to prevent sensitive information from getting out of your company network, but it can also be used to record network use. This is called DLP archiving. The DLP...
View ArticleEnable data leak prevention
Enable data leak prevention DLP examines your network traffic for data patterns you specify. The FortiGate unit then performs an action based on the which pattern is found and a configuration set for...
View ArticleCreating/editing a DLP sensor
Creating/editing a DLP sensor DLP sensors are collections of filters. You must also specify an action for the filter when you create it in a sensor. Once a DLP sensor is configured, you can select it a...
View ArticleDLP examples
DLP examples To view or modify the replacement message text, go to System > Replacement Messages. Blocking content with credit card numbers When the objective is to block credit card numbers one...
View ArticleICAP support
ICAP support ICAP is the acronym for Internet Content Adaptation Protocol The purpose of the feature is to off load work that would normally take place on the firewall to a separate server specifically...
View ArticleOffloading using ICAP
Offloading using ICAP If you enable ICAP in a security policy, HTTP traffic intercepted by the policy is transferred to an ICAP server in the ICAP profile added to the policy. Responses from the ICAP...
View ArticleExample ICAP sequence
Example ICAP sequence This example is for an ICAP server performing web URL filtering on HTTP requests 1. A user opens a web browser and sends an HTTP request to connect to a web server. 2. The...
View ArticleOther Security Profiles considerations
Other Security Profiles considerations The following topics are included in this section: Security Profiles and Virtual domains (VDOMs) Conserve mode SSL content scanning and inspection Using wildcards...
View ArticleClik here to view.
Adding External Security Devices
Adding External Security Devices External Security Devices can be configured as means to offload processes to other devices, such as a FortiWeb, FortiCache, or FortiMail. Example processes could...
View Article