WAN Optimization
What’s new in FortiOS 4.0
FortiGate Version 4.0 Administration Guide
30
01-400-89802-20090424
•
3600A
•
3810A
•
5005FA2
•
5001A.
For more information, see
“SSL content scanning and inspection” on page 399
.
WAN Optimization
You can use the new FortiGate WAN Optimization feature to improve performance and
security across a WAN by applying a number of related techniques including protocol and
application-based data compression and optimization data deduction (a technique that
reduces how often the same data is transmitted across the WAN), web caching, secure
tunneling and SSL acceleration.
For more information, see
“WAN optimization and web caching” on page 599
.
Endpoint control
The new Endpoint Compliance feature (also called endpoint control) replaces the FortiOS
3.0
Check FortiClient Installed and Running
firewall options. You can enforce the use of
FortiClient End Point Security (Enterprise Edition) in your network and ensure that clients
have both the most recent version of the FortiClient software and the most up-to-date
antivirus signatures.
The FortiGate unit retrieves FortiClient software and antivirus updates from the FortiGuard
Distribution Network. If the FortiGate unit contains a hard disk drive, these files are cached
to more efficiently serve downloads to multiple end points. Go to
Endpoint Control >
FortiClient
to see the software and antivirus signature versions that the endpoint control
feature enforces.
The Endpoint Compliance feature also provides monitoring. The FortiGate unit gathers
information from client PCs when they use a firewall policy with the
Enable Endpoint
Compliance Check
option enabled.
For more information, see
“Endpoint control” on page 641
.
Network Access Control (NAC) quarantine
FortiOS 4.0 provides new Network Access Control (NAC) quarantine features that you can
use with Antivirus and intrusion protection to block (or quarantine) users or FortiGate
interfaces when a virus is found or an attack is detected by an IPS Sensor or a DoS
Sensor. You can also use IPS Senors and DoS Sensors to block communication between
the source and destination of an attack.
Data Leak Preventions (DLP) also includes features similar to NAC quarantine that you
can use to block users who send content that matches a DLP sensor.
The FortiGate unit adds blocked users and interfaces to the banned users list. FortiGate
administrators can view the users and interfaces on the banned users list and manually
remove them from the list to restore normal access.
For information about NAC quarantine, see
Содержание Gate 60D
Страница 678: ...Reports Log Report FortiGate Version 4 0 Administration Guide 678 01 400 89802 20090424 http docs fortinet com Feedback...
Страница 704: ...Index FortiGate Version 4 0 Administration Guide 704 01 400 89802 20090424 http docs fortinet com Feedback...
Страница 705: ...www fortinet com...
Страница 706: ...www fortinet com...