beautypg.com

Firewall, Nat/route mode – Fortinet FortiGate 100 User Manual

Page 15

background image

Introduction

NAT/Route mode

FortiGate-100 Installation and Configuration Guide

15

You can configure Email blocking to tag email from all or some senders within
organizations that are known to send spam email. To prevent unintentional tagging of
email from legitimate senders, you can add sender address patterns to an exempt list
that overrides the email block and banned word lists.

Firewall

The FortiGate ICSA-certified firewall protects your computer networks from the hostile
environment of the Internet. ICSA has granted FortiGate firewalls version 4.0 firewall
certification, providing assurance that FortiGate firewalls successfully screen for and
secure corporate networks against a wide range of threats from public or other
untrusted networks.

After basic installation of the FortiGate unit, the firewall allows users on the protected
network to access the Internet while blocking Internet access to internal networks. You
can modify this firewall configuration to place controls on access to the Internet from
the protected networks and to allow controlled access to internal networks.

FortiGate policies include a complete range of options that:

• control all incoming and outgoing network traffic,
• control encrypted VPN traffic,
• apply antivirus protection and web content filtering,
• block or allow access for all policy options,
• control when individual policies are in effect,
• accept or deny traffic to and from individual addresses,
• control standard and user defined network services individually or in groups,
• require users to authenticate before gaining access,
• include traffic shaping to set access priorities and guarantee or limit bandwidth for

each policy,

• include logging to track connections for individual policies,
• include Network address translation (NAT) mode and Route mode policies,
• include Mixed NAT and Route mode policies.

The FortiGate firewall can operate in NAT/Route mode or Transparent mode.

NAT/Route mode

In NAT/Route mode, you can create NAT mode policies and Route mode policies.

• NAT mode policies use network address translation to hide the addresses in a

more secure network from users in a less secure network.

• Route mode policies accept or deny connections between networks without

performing address translation.