Firewall policy examples
Firewall Policy
FortiGate Version 4.0 Administration Guide
340
01-400-89802-20090424
Figure 202: Example SOHO network before FortiGate installation
Company A requires secure connections for home-based workers. Like many companies,
they rely heavily on email and Internet access to conduct business. They want a
comprehensive security solution to detect and prevent network attacks, block viruses, and
decrease spam. They want to apply different protection settings for different departments.
They also want to integrate web and email servers into the security solution.
To deal with their first requirement, Company A configures specific policies for each
home-based worker to ensure secure communication between the home-based worker
and the internal network.
1
Go to
Firewall > Policy
.
2
Select
Create New
and enter or select the following settings for Home_User_1:
Interface / Zone
Source: internal
Destination: wan1
Address
Source:
CompanyA_Network
Destination: Home_User_1
Schedule
Always
Service
ANY
Action
IPSEC
VPN Tunnel
Home1
Allow Inbound
yes
Allow outbound
yes
Inbound NAT
yes
Home-based Workers
(no secure connection)
ISP Web
Server
Internal Network
Finance
Department
Help
Desk
Engineering
Department
192.168.100.1
172.16.10.3
IPS Mail
Server
Internet
Содержание Gate 60D
Страница 678: ...Reports Log Report FortiGate Version 4 0 Administration Guide 678 01 400 89802 20090424 http docs fortinet com Feedback...
Страница 704: ...Index FortiGate Version 4 0 Administration Guide 704 01 400 89802 20090424 http docs fortinet com Feedback...
Страница 705: ...www fortinet com...
Страница 706: ...www fortinet com...