Firewall configuration – Fortinet FortiGate 100 User Manual

FortiGate-100 Installation and Configuration Guide Version 2.50 MR2

Firewall configuration

Firewall policies control all traffic passing through the FortiGate unit. Firewall policies are instructions used by the FortiGate unit to decide what to do with a connection request. When the firewall receives a connection request in the form of a packet, it analyzes the packet to extract its source address, destination address, and service (port number).

For the packet to be connected through the FortiGate unit, a firewall policy must have been added that matches the packet’s source address, destination address, and service. The policy directs the firewall action on the packet. The action can be to allow the connection, deny the connection, require authentication before the connection is allowed, or process the packet as an IPSec VPN packet. You can also add schedules to policies so that the firewall can process connections differently depending on the time of day or the day of the week, month, or year.

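The matching described above can be modelled in a few lines. This is an added example, not FortiGate code or configuration syntax: the action labels, policy names and addresses are constructed, and it assumes that the first matching policy in the list decides, that a policy outside its schedule does not match, and that a packet matching no policy is denied.

```python
# Added illustration: simplified model of policy matching, not FortiGate code.
from dataclasses import dataclass
from datetime import datetime, time
from ipaddress import ip_address, ip_network

@dataclass
class Policy:
    name: str
    src: str        # source address, as a CIDR block
    dst: str        # destination address, as a CIDR block
    ports: range    # service, as a range of destination ports
    action: str     # hypothetical labels: allow, deny, authenticate, ipsec
    days: frozenset = frozenset(range(7))  # schedule weekdays, Monday = 0
    start: time = time.min                 # schedule window start
    end: time = time.max                   # schedule window end

    def matches(self, src, dst, port, when):
        # Assumption: outside its schedule a policy does not match at all.
        return (ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and port in self.ports
                and when.weekday() in self.days
                and self.start <= when.time() <= self.end)

def evaluate(policies, src, dst, port, when):
    """Return (policy name, action) of the first policy that matches."""
    for policy in policies:  # assumption: list order decides, first match wins
        if policy.matches(src, dst, port, when):
            return policy.name, policy.action
    return None, "deny"      # assumption: no matching policy means no connection

# Constructed sample policy list (addresses are made up for the example).
POLICIES = [
    Policy("guest-no-smtp", "192.168.1.128/25", "0.0.0.0/0", range(25, 26), "deny"),
    Policy("office-web", "192.168.1.0/24", "0.0.0.0/0", range(80, 81), "allow",
           days=frozenset(range(5)), start=time(8, 0), end=time(18, 0)),
    Policy("ftp-login", "192.168.1.0/24", "0.0.0.0/0", range(21, 22), "authenticate"),
    Policy("branch-vpn", "192.168.1.0/24", "10.20.0.0/16", range(1, 65536), "ipsec"),
]

if __name__ == "__main__":
    monday = datetime(2024, 3, 4, 10, 0)    # inside the office-web schedule
    saturday = datetime(2024, 3, 9, 10, 0)  # outside it
    for args in [("192.168.1.10", "203.0.113.5", 80, monday),
                 ("192.168.1.10", "203.0.113.5", 80, saturday),
                 ("192.168.1.200", "203.0.113.25", 25, monday),
                 ("192.168.1.10", "10.20.3.4", 445, monday)]:
        print(args[:3], "->", evaluate(POLICIES, *args))
```

In this model, web traffic to the branch network on a weekday is caught by the broader office-web policy before branch-vpn is reached, which is the kind of ordering effect worth checking when reviewing a policy list.
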
Each policy can be individually configured to route connections or to apply network address translation (NAT) to translate source and destination IP addresses and ports. You can add IP pools to use dynamic NAT when the firewall translates source addresses. You can use policies to configure port address translation (PAT) through the FortiGate.

Content profiles can be added to policies to apply antivirus protection, web filtering, and email filtering to web, file transfer, and email services. You can create content profiles that perform one or any combination of the following actions:
• Apply antivirus protection to HTTP, FTP, SMTP, IMAP, or POP3 services.
• Apply web filtering to HTTP services.
• Apply email filtering to IMAP and POP3 services.

You can also add logging to a firewall policy so that the FortiGate unit logs all
connections that use this policy.

This chapter describes:

• Default firewall configuration
• Adding firewall policies
• Configuring policy lists
• Addresses
• Services
• Schedules
• Virtual IPs
• IP pools
• IP/MAC binding
• Content profiles