Fortinet FortiGate 800/800F Скачать руководство пользователя | Manualshive

Страница: 8 / 54

background image

FortiGate-800 and FortiGate-800F FortiOS 3.0 MR6 Install Guide

8

01-30006-0455-20080910

About the FortiGate-800/800F

Introduction

About the FortiGate-800/800F

The FortiGate-800/F Multi-Threat Security system provides the performance,
flexibility, and security necessary to protect today's most demanding large
enterprise networks. The FortiGate-800 can be deployed as a high performance
antivirus and web content filtering gateway, or as a complete network protection
solution leveraging firewall, VPN, IPS and antispam capabilities. The FortiGate-
800 Multi-Threat Securiy system features four 10/100/1000 tri-speed ethernet
ports for networks running at gigabit speeds and four user-definable 10/100 ports
that provide granular security through multi-zone capabilities, allowing
administrators to segment their network into zones and create policies between
zones.

Figure 1: FortiGate-800 and FortiGate-800F

About this document

This document explains how to install and configure your FortiGate unit onto your
network. This document also includes how to install and upgrade new firmware
versions on your FortiGate unit.

This document contains the following chapters:

•

Installing

– Describes setting up and powering on a FortiGate unit.

•

Configuring

– Provides an overview of the operating modes of the FortiGate

unit and how to integrate the FortiGate unit into your network.

•

Advanced configuration

– Describes additional configuration you can perform

on the FortiGate unit to enhance network protection, including antivirus,
antispam, firewall configuration and logging.

•

FortiGate Firmware

– Describes how to install, update, restore and test

firmware for the FortiGate device.

Document conventions

The following document conventions are used in this guide:

• In the examples, private IP addresses are used for both private and public IP

addresses.

• Notes and Cautions are used to provide important information:

Esc

Enter

CONSOLE

I N T E R N A L

E X T E R N A L

D M Z

HA

1

2

3

4

USB

8

P W R

Esc

Enter

CONSOLE

I N T E R N A L

E X T E R N A L

D M Z

HA

1

2

3

4

USB

800F

P W R

Note:

Highlights useful additional information.

«
...
6
7
8
9
10
...
»

Содержание FortiGate 800/800F

Страница 1: ...www fortinet com FortiGate 800 and FortiGate 800F FortiOS 3 0 MR6 I N S T A L L G U I D E...

Страница 2: ...c Threat Prevention System DTPS APSecure FortiASIC FortiBIOS FortiBridge FortiClient FortiGate FortiGate Unified Threat Management System FortiGuard Antispam FortiGuard Antivirus FortiGuard Intrusion...

Страница 3: ...talling 11 Environmental specifications 11 Cautions and warnings 12 Grounding 12 Rack mount instructions 12 Mounting 13 Plugging in the FortiGate 14 Connecting to the network 14 Turning off the FortiG...

Страница 4: ...nfiguration 27 Backing up the configuration 27 Restoring a configuration 28 Additional configuration 28 Set the time and date 28 Set the Administrator password 28 Configure FortiGuard 29 Updating anti...

Страница 5: ...006 0455 20080910 5 Installing firmware from a system reboot using the CLI 42 Restoring the previous configuration 44 Backup and Restore from a USB key 44 Using the USB Auto Install 45 Additional CLI...

Страница 6: ...FortiGate 800 and FortiGate 800F FortiOS 3 0 MR6 Install Guide 6 01 30006 0455 20080910 Contents...

Страница 7: ...ed Threat Management System uses Fortinet s Dynamic Threat Prevention System DTPS technology which leverages breakthroughs in chip design networking security and content analysis The unique ASIC based...

Страница 8: ...how to install and configure your FortiGate unit onto your network This document also includes how to install and upgrade new firmware versions on your FortiGate unit This document contains the follo...

Страница 9: ...rotection web content filtering and spam filtering and how to configure a VPN FortiGate online help Provides a context sensitive and searchable version of the Administration Guide in HTML format You c...

Страница 10: ...PN User Guide Explains how to configure a PPTP VPN using the web based manager FortiGate Certificate Management User Guide Contains procedures for managing digital certificates including generating ce...

Страница 11: ...n make sure that the appliance has at least 1 5 in 3 75 cm of clearance on each side to allow for adequate air flow and cooling This device complies with part FCC Class A Part 15 UL CUL C Tick CE and...

Страница 12: ...e rack environment may be greater than room ambient Therefore consideration should be given to installing the equipment in an environment compatible with the maximum ambient temperature Tma specified...

Страница 13: ...front portion of the FortiGate unit Ensure that the screws are tight and not loose The following photos illustrate how the brackets should be mounted Note that the screw configuration may vary dependi...

Страница 14: ...o the on position indicated by the I Connecting to the network Using the supplied Ethernet cable connect one end of the cable to your router or modem whatever the connection is to the Internet Connect...

Страница 15: ...T Route mode and Transparent mode Both include the same robust network security features such as antispam antivirus VPN and firewall policies NAT mode In NAT Route mode the FortiGate unit is visible t...

Страница 16: ...ese tasks using the web based manger a GUI interface using a current web browser such as FireFox or Internet Explorer using the command line interface CLI a command line interface similar to DOS or UN...

Страница 17: ...because the FortiGate unit redirects the connection This is an informational message Select OK to continue logging in 4 Type admin in the Name field and select Login Connecting to the CLI To connect t...

Страница 18: ...e default gateway retrieved from the DHCP server The administrative distance specifies the relative priority of a route when there are multiple routes to the same destination A lower administrative di...

Страница 19: ...ns This route is called the static default route If no other routes are present in the routing table and a packet needs to be forwarded beyond the FortiGate unit the factory configured static default...

Страница 20: ...h the FortiGate interfaces Firewall policies define how the FortiGate unit processes the packets in a communication session You can configure the firewall policies to allow only specific traffic users...

Страница 21: ...section Connecting to the CLI on page 17 before beginning Configure the interfaces When shipped the FortiGate unit has a default address of 192 168 1 99 and a netmask of 255 255 255 0 for either the...

Страница 22: ...et DNS server IP addresses are typically provided by your internet service provider To configure DNS server settings config system dns set autosvr enable disable set primary address_ip set secondary a...

Страница 23: ...ffic to flow through the FortiGate interfaces Firewall policies to define the FortiGate unit process the packets in a communication session You can configure the firewall policies to allow only specif...

Страница 24: ...Netmask address and the Default Gateway address The default gateway IP address is required to tell the FortiGate unit where to send network traffic to other networks 5 Select Apply Configure a DNS se...

Страница 25: ...ct OK Firewall policy configuration is the same in NAT Route mode and Transparent mode Note that these policies allow all traffic through No protection profiles have been applied Ensure you create add...

Страница 26: ...econdary DNS server IP addresses Adding firewall policies Firewall policies enable traffic to flow through the FortiGate interfaces Firewall policies define the FortiGate unit process the packets in a...

Страница 27: ...configured and working correctly it is extremely important that you back up your configuration By backing up the configuration you ensure that if you need to reset the FortiGate unit for whatever rea...

Страница 28: ...tion While not mandatory they will help in ensuring better control with the firewall Set the time and date For effective scheduling and logging the FortiGate system date and time must be accurate You...

Страница 29: ...registered your FortiGate unit you can update antivirus and IPS signatures The FortiGuard Center enables you to receive push updates allow push update to a specific IP address and schedule updates fo...

Страница 30: ...FortiGate 800 and FortiGate 800F FortiOS 3 0 MR6 Install Guide 30 01 30006 0455 20080910 Additional configuration Configuring...

Страница 31: ...filtering spam filtering content archiving instant messaging filtering and access control P2P access and bandwidth control logging options for policies and configurations within the policies rate limi...

Страница 32: ...rects the firewall action for the connection The action can be to allow the connection deny the connection require authentication before the connection is allowed or process the packet as an IPSec VPN...

Страница 33: ...policy you can apply FortiGate features such as virus scanning and authentication to the communication session accepted by the policy Add DENY policies to deny communication sessions Add IPSec encryp...

Страница 34: ...ng go to AntiVirus Config Grayware Antivirus settings are turned on in the protection profile In the protection profile you can enable antivirus options for specific services and which services will u...

Страница 35: ...t compares the email address of the message s sender to the email address list in sequence If a match is found the action associated with the email address is taken If no match is found the message is...

Страница 36: ...evolves You need to have a FortiGuard subscription to take advantage of FortiGuard web filtering The FortiGate unit also enables you to override the FortiGuard filtering designation and you can add y...

Страница 37: ...ing the patch release before upgrading the firmware Follow the steps below download and review the release notes for the patch release download the patch release back up the current configuration inst...

Страница 38: ...ype the path and filename of the firmware image file or select Browse and locate the file 6 Select OK The FortiGate unit uploads the firmware image file upgrades to the new firmware version restarts a...

Страница 39: ...g since the FortiGate unit must recognize that the key is installed in its USB port To backup configuration 1 Go to System Maintenance Backup and Restore 2 Select USB Disk from the backup configuratio...

Страница 40: ...finitions included with the firmware release you are installing After you install new firmware make sure that antivirus and attack definitions are up to date You can also use the CLI command execute u...

Страница 41: ...lacement messages Before beginning this procedure it is recommended that you back up the FortiGate unit system configuration using the command execute backup config back up the IPS custom signatures u...

Страница 42: ...s Get image from tftp server OK Check image OK This operation will downgrade the current firmware version Do you want to continue y n 7 Type y The FortiGate unit reverts to the old firmware version re...

Страница 43: ...following message This operation will reboot the system Do you want to continue y n 7 Type y As the FortiGate unit starts a series of system startup messages appears When the following messages appea...

Страница 44: ...storing the previous configuration Change the internal interface address if required You can do this from the CLI using the following command config system interface edit interface set ip address_ip4m...

Страница 45: ...ommand config system auto install set default config file filename set auto intall config enable disable set default image file filename set auto install image enable disable end 3 Enter the following...

Страница 46: ...e on the same subnet as the internal interface To test the new firmware image 1 Connect to the CLI using a RJ 45 to DB 9 or null modem cable 2 Make sure the TFTP server is running 3 Copy the new firmw...

Страница 47: ...rver but make sure you do not use the IP address of another device on the network The following message appears Enter File Name image out 11 Enter the firmware image file name and press Enter The TFTP...

Страница 48: ...FortiGate 800 and FortiGate 800F FortiOS 3 0 MR6 Install Guide 48 01 30006 0455 20080910 Testing new firmware before installing FortiGate Firmware...

Страница 49: ...rride 18 document conventions 8 documentation 9 domain name server configure 24 domain name server configure 19 22 downloading firmware 37 E earthing 12 execute shutdown 14 F firewall policies 20 23 3...

Страница 50: ...security certificate 17 shielded twisted pair 12 shut down 14 signatures update 29 static route 19 23 system reboot installing 42 T technical support 10 TFTP server 42 time and date 28 time zone 28 T...

Страница 51: ...FortiGate 800 and FortiGate 800F FortiOS 3 0 MR6 Install Guide 51 01 30006 0455 20080910 Index...

Страница 52: ...FortiGate 800 and FortiGate 800F FortiOS 3 0 MR6 Install Guide 52 01 30006 0455 20080910 Index...

Страница 53: ...www fortinet com...

Страница 54: ...www fortinet com...

Отзывы:

Нет отзывов

Похожие инструкции для FortiGate 800/800F

Бренд: Watchguard Страницы: 27

Бренд: W&T Страницы: 114

Photosmart 7500

Бренд: HP Страницы: 84

Бренд: Sophos Страницы: 4

Бренд: Yamaha Страницы: 52

Бренд: Radware Страницы: 83

Бренд: Watchguard Страницы: 23

Бренд: ShareTech Страницы: 18

Бренд: IOGear Страницы: 1

Бренд: Freecom Страницы: 58

Бренд: Billion Страницы: 130

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды