DoS protection
DoS protection Denial of Service (DoS) policies are primarily used to apply DoS anomaly checks to network traffic based on the FortiGate interface it is entering as well as the source and destination...
View ArticleOne-Arm IDS
One-Arm IDS Interface-based policy only defines what and how IPS functions are applied to the packets transmitted by the interface. It works no matter if the port is used in a forwarding path or used...
View ArticleIPv6 IPS
IPv6 IPS IPv6 IPS signature scan can be enabled by interface policy. The user can create an normal IPS sensor and assign it to the IPv6 interface policy. config firewall interface-policy6 edit 1 set...
View ArticleTraffic destined to the FortiGate unit
Traffic destined to the FortiGate unit IPS enabled in firewall policies can only inspect the traffic pass through FortiGate unit, not the traffic destined to FortiGate unit. Enabling IPS in...
View ArticleDropped, flooded, broadcast, multicast and L2 packets
Dropped, flooded, broadcast, multicast and L2 packets In many evaluation or certification tests, FortiGate firewall is often required to log any packets dropped by the firewall. In most of cases, these...
View ArticleGUI and CLI
GUI and CLI Now in FortiGate, there are two places that IPS can be enabled, in a firewall policy and in an interface policy. In the firewall policy implementation, IPS sensor can be configured in both...
View ArticleLocal-In policies
Local-In policies On the FortiGate unit, there are a number of protocols and traffic that is specific to the internal workings of FortiOS. For many of these traffic sources, you can identify a specific...
View ArticleSecurity policy 0
Security policy 0 Any security policy that is automatically added by the FortiGate unit has a policy ID number of zero (0). The most common reasons the FortiGate unit creates this policy is: The IPsec...
View ArticleDNS traffic in NGFW policy-mode
DNS traffic in NGFW policy-mode FortiOS has an option to enable the creation of an implicit policy to allow DNS traffic. Certain Application Control profiles may not work properly if DNS traffic is not...
View ArticleDeny and Accept Policies
Deny policies Deny security policies deny traffic that is coming into the network. The FortiGate unit automatically blocks traffic that is associated with a deny security policy. Deny security policies...
View ArticleFixed port
Fixed port Some network configurations do not operate correctly if a NAT policy translates the source port of packets used by the connection. NAT translates source ports to keep track of connections...
View ArticleEndpoint security
Endpoint security Endpoint security enforces the use of the FortiClient End Point Security (FortiClient and FortiClient Lite) application on your network. It can also allow or deny endpoints access to...
View ArticleTraffic logging
Traffic logging When you enable logging on a security policy, the FortiGate unit records the scanning process activity that occurs, as well as whether the FortiGate unit allowed or denied the traffic...
View ArticleIPv6
IPv6 Internet Protocol version 6 (IPv6) will succeed IPv4 as the standard networking protocol of the Internet. IPv6 provides a number of advances over IPv4 but the primary reason for its replacing IPv4...
View ArticleClik here to view.
FortiOS 6.0.4 Release Notes
Supported models FortiOS 6.0.4 supports the following models. FortiGate FG-30D, FG-30D-POE, FG-30E, FG-30E_3G4G_INTL, FG-30E_3G4G_NAM, FG-50E, FG-51E, FG-52E, FG-60D, FG-60D-POE, FG-60E, FG-60E-POE,...
View ArticleIPv6 in FortiOS
IPv6 in FortiOS From an administrative point of view IPv6 works almost the same as IPv4 in FortiOS. The primary differences are the use of IPv6 format for addresses and fewer address types for IPv6....
View ArticleBasic Traffic Shaping With A FortiGate on FortiOS 6.0.4
Short video explaining some basics on traffic shaping on a FortiGate that is running FortiOS 6.0.4
View ArticleHow To Configure Netflow On A FortiGate
This is a quick video on how to configure Netflow on a FortiGate. Very powerful setting that will enable you to gain so much visibility into your environment.
View ArticleTunneling IPv6 through IPsec VPN
Tunneling IPv6 through IPsec VPN A variation on the tunneling IPv6 through IPv4 is using an IPsec VPN tunnel between to FortiGate devices. FortiOS supports IPv6 over IPsec. In this sort of scenario, 2...
View ArticleSIP over IPv6
SIP over IPv6 FortiOS supports Sessions Initiate Protocol (SIP) over IPv6. The SIP application-level gateway (ALG) can process SIP messages that use IPv6 addresses in the headers, bodies, and in the...
View Article