22
01-28008-0111-20050128
Fortinet Inc.
Factory default FortiGate configuration settings
Getting started
The factory default firewall configuration is the same in NAT/Route and Transparent
mode.
Factory default protection profiles
Use protection profiles to apply different protection settings for traffic that is controlled
by firewall policies. You can use protection profiles to:
• Configure antivirus protection for HTTP, FTP, IMAP, POP3, and SMTP firewall
policies
• Configure Web filtering for HTTP firewall policies
• Configure Web category filtering for HTTP firewall policies
• Configure spam filtering for IMAP, POP3, and SMTP firewall policies
• Enable the Intrusion Protection System (IPS) for all services
• Enable content logging for HTTP, FTP, IMAP, POP3, and SMTP firewall policies
Using protection profiles, you can build protection configurations that can be applied
to different types of firewall policies. This allows you to customize types and levels of
protection for different firewall policies.
For example, while traffic between internal and external addresses might need strict
protection, traffic between trusted internal addresses might need moderate protection.
You can configure firewall policies for different traffic services to use the same or
different protection profiles.
Protection profiles can be added to NAT/Route mode and Transparent mode firewall
policies.
The FortiGate unit comes preconfigured with four protection profiles.
Table 5: Default firewall configuration
Configuration setting Name
Description
Firewall policy
Internal
->
Wan1
Source: All Destination: All
Firewall address
All
Firewall address matches the source or
destination address of any packet.
Pre-defined service
More than 50
predefined services
Select from any of the 50 pre-defined services
to control traffic through the FortiGate unit that
uses that service.
Recurring schedule
Always
The recurring schedule is valid at any time.
Protection Profiles
Strict, Scan, Web,
Unfiltered
Control how the FortiGate unit applies virus
scanning, web content filtering, spam filtering,
and IPS.
Strict
To apply maximum protection to HTTP, FTP, IMAP, POP3, and SMTP traffic.
You may not use the strict protection profile under normal circumstances but
it is available if you have problems with viruses and require maximum
screening.
Scan
To apply antivirus scanning and file quarantining to HTTP, FTP, IMAP,
POP3, and SMTP content traffic.
Содержание FortiGate 60M
Страница 12: ...12 01 28008 0111 20050128 Fortinet Inc Customer service and technical support Introduction ...
Страница 28: ...28 01 28008 0111 20050128 Fortinet Inc Next steps Getting started ...
Страница 56: ...56 01 28008 0111 20050128 Fortinet Inc Installing and configuring the cluster High availability installation ...