beautypg.com

Unfiltered content profile, Planning the fortigate configuration, Nat/route mode – Fortinet FortiGate 50A User Manual

Page 27: 27 unfiltered content profile

background image

Getting started

Planning the FortiGate configuration

FortiGate-50A Installation and Configuration Guide

27

Unfiltered content profile

Use the unfiltered content profile if you do not want to apply content protection to
traffic. You can add this content profile to firewall policies for connections between
highly trusted or highly secure networks where content does not need to be protected.

Planning the FortiGate configuration

Before you configure the FortiGate unit, you need to plan how to integrate the unit into
the network. Among other things, you must decide whether you want the unit to be
visible to the network, which firewall functions you want it to provide, and how you
want it to control the traffic flowing between its interfaces.

Your configuration plan depends on the operating mode that you select. The FortiGate
unit can be configured in one of two modes: NAT/Route mode (the default) or
Transparent mode.

NAT/Route mode

In NAT/Route mode, the unit is visible to the network. Like a router, all its interfaces
are on different subnets. The following interfaces are available in NAT/Route mode:

• External is the interface to the external network (usually the Internet).
• Internal is the interface to the internal network.

You can add security policies to control whether communications through the
FortiGate unit operate in NAT or Route mode. Security policies control the flow of
traffic based on the source address, destination address, and service of each packet.
In NAT mode, the FortiGate unit performs network address translation before it sends
the packet to the destination network. In Route mode, there is no translation.

By default, the FortiGate unit has a NAT mode security policy that allows users on the
internal network to securely download content from the external network. No other
traffic is possible until you have configured further security policies.

Table 9: Unfiltered content profile

Options

HTTP

FTP

IMAP

POP3

SMTP

Antivirus Scan

…

…

…

…

…

File Block

…

…

…

…

…

Web URL Block

…

Web Content Block

…

Web Script Filter

…

Web Exempt List

;

Email Block List

…

…

…

Email Exempt List

;

;

Email Content Block

…

…

Oversized File/Email Block

pass

pass

pass

pass

pass

Pass Fragmented Emails

;

;

;

See also other documents in the category Fortinet Hardware: