CLI Scripts
CLI Scripts To upload bulk CLI commands and scripts, go to System > Config > Advanced. Scripts are text files containing CLI command sequences. Scripts can be used to deploy identical...
View ArticleRejecting PING requests
Rejecting PING requests The factory default configuration of your FortiGate unit allows the default external interface to respond to ping requests. Depending on the model of your FortiGate unit the...
View ArticleOpening TCP 113
Opening TCP 113 Although seemingly contrary to conventional wisdom of closing ports from hackers, this port, which is used for ident requests, should be opened. Port 113 initially was used as an...
View ArticleObfuscate HTTP responses
Obfuscate HTTP responses The FortiGate unit can obfuscate the HTTP responses from the FortiGate admin GUI and SSL VPN servers. By default this option is not enabled. To obfuscate HTTP headers, use the...
View ArticleChapter 25 – Traffic Shaping
Chapter 25 – Traffic Shaping With the ever-increasing demands on network systems for a number of protocols, including email, HTTP traffic both internally and externally to the internet, voice over IP,...
View ArticleThe purpose of traffic shaping
The purpose of traffic shaping Traffic shaping, or traffic management, controls the bandwidth available and sets the priority of traffic processed by the policy to control the volume of traffic for a...
View ArticleQuality of Service
Quality of Service Quality of Service (QoS) is the capability to adjust some quality aspects of your overall network traffic. This can include such techniques as priority-based queuing and traffic...
View ArticleTraffic policing
Traffic policing The FortiGate unit begins to process traffic as it arrives (ingress) and departs (egress) on an interface. In later phases of the network processing, such as enforcing maximum...
View ArticleBandwidth guarantee, limit, and priority interactions
Bandwidth guarantee, limit, and priority interactions After packet acceptance, the FortiGate unit classifies traffic and may apply traffic policing at additional points during processing. It may also...
View ArticleFortiGate traffic
FortiGate traffic Security Policies do not apply to Administrative access to the FortiGate through HTTPS or SSH, or IPsec tunnel negotiations, and therefore FortiGate units do not apply traffic...
View ArticleCalculation and regulation of packet rates
Calculation and regulation of packet rates Packet rates specified for Maximum Bandwidth or Guaranteed Bandwidth are: rate = amount / time where rate is expressed in kilobits per second (Kb/s). Burst...
View ArticleTraffic shaping methods
Traffic shaping methods In FortiOS, there are three types of traffic shaping configurations. Each has a specific function, and all can be used together in varying configurations. Policy shaping enables...
View ArticleShared policy shaping
Shared policy shaping Traffic shaping by security policy enables you to control the maximum and/or guaranteed throughput for any security policies specified in the Traffic Shaping Policy. When...
View ArticlePer-IP shaping
Per–IP shaping Traffic shaping by IP enables you to apply traffic shaping to all source IP addresses in the security policy. As well as controlling the maximum bandwidth users of a selected policy, you...
View ArticleApplication control shaping
Application control shaping Traffic shaping is also possible for specific applications, too. Application control shaping works in conjunction with a Shared Shaper or Per-IP Shaper. You must create a...
View ArticleReverse direction traffic shaping
Reverse direction traffic shaping The shaper you select in the traffic shaping policy (shared shaper) will affect the traffic in the direction defined in the policy. For example, if the source port is...
View ArticleEnabling traffic shaping in the security policy
Enabling traffic shaping in the security policy Historically, FortiOS traffic shapers have always been enabled within a security policy.This is no longer the easiest way to apply shapers, since in...
View ArticleType of Service priority
Type of Service priority Type of service (ToS) is an 8-bit field in the IP header that enables you to determine how the IP datagram should be delivered, using criteria of Delay, Throughput, Priority,...
View ArticleDifferentiated Services
Differentiated Services Differentiated Services describes a set of end-to-end Quality of Service (QoS) capabilities. End-to-end QoS is the ability of a network to deliver service required by specific...
View ArticleTraffic Shaper Monitor
Traffic Shaper Monitor You can view statistical information about traffic shapers and their bandwidth from FortiView > Traffic Shaping. Refresh the information on the page. Table View shows the...
View Article