Unfiltered content profile, Planning the fortigate configuration, Nat/route mode standalone configuration – Fortinet FortiGate 4000 User Manual

Getting started

Planning the FortiGate configuration

FortiGate-4000 Installation and Configuration Guide

53

Unfiltered content profile

Use the unfiltered content profile if you do not want to apply content protection to
traffic. You can add this content profile to firewall policies for connections between
highly trusted or highly secure networks where content does not need to be protected.

Planning the FortiGate configuration

Before you configure the FortiGate-4000 units in the FortiGate-4000 chassis, you
need to plan how to integrate them into your network. Among other things, you must
decide whether you want the FortiGate-4000 units to be visible to the network, which
firewall functions you want to provide, and how you want it to control the traffic flowing
between FortiGate-4000 unit interfaces.

This section contains overviews for installing a FortiGate-4000 unit with the following
configurations:

•

NAT/Route mode standalone configuration

•

Transparent mode standalone configuration

•

FortiGate-4000 HA configuration

•

FortiGate-4000P units with external load balancers

NAT/Route mode standalone configuration

In NAT/Route mode standalone configuration, each FortiGate-4000 unit in the
FortiGate-4000 chassis operates as a separate NAT/Route mode FortiGate-4000
antivirus firewall. Each of these FortiGate-4000 units is visible to the network it is
connected to. The internal and external interfaces of each FortiGate-4000 unit must
be on a different subnet.

Table 18: Unfiltered content profile

Options

HTTP

FTP

IMAP

POP3

SMTP

Antivirus Scan

File Block

Web URL Block

Web Content Block

Web Script Filter

Web Exempt List

;

Email Block List

Email Exempt List

;

;

Email Content Block

Oversized File/Email Block

pass

pass

pass

pass

pass

Pass Fragmented Emails

;

;

;