Firewall
•Descargar como PPTX, PDF•
0 recomendaciones•888 vistas
This document provides an overview of the key features and capabilities of the FortiOS firewall, including policy management, network address translation (NAT), traffic support, hardware acceleration, identity-based policies, policy objects, and the policy table interface. Key capabilities include granular user and device-based policies, policy coloring and tagging, intelligent object searching, and hardware offloading for high performance packet processing.
Recomendados
Más contenido relacionado
La actualidad más candente
La actualidad más candente (20)
Similar a Firewall
Similar a Firewall (20)
Más de Lan & Wan Solutions
Más de Lan & Wan Solutions (20)
Último
Último (20)
Firewall
- 1. © Copyright Fortinet Inc. All rights reserved. Inside FortiOS Firewall Versione 5.2.4 – Mar 2015 Lan & Wan Solutions – Soluzioni Informatiche per Reti Locali e Geografiche
- 2. 2 Overview Firewall Policy Management Section & Global View IP, User & Device based Policies Policy Objects, Object tagging & Coloring Traffic counters NAT Static NAT, Dynamic NAT Support Central NAT Table Traffic Support SCTP, GTP, ICMP Session helpers & ALGs Hardware Acceleration* High performance across all packet size Ultra-low latency Innovative features that allows accurate and effective policy setup Policy Table *applicable to supported models
- 3. 3 Policy Table Firewall Section View Global View
- 4. 4 Policy Table Firewall Configurable column settings Object Coloring Policy counters Smart object search Drag-and-drop policy rearrangement or moving objects Direct object/policy edit with right click
- 5. 5 Identity based Policy User Identity based Security Policies Assign access policy and profiles to each User Groups or Users Device Identity based Security Policies Assign access policy and profiles to each Device Type or Device Group User Group #1 User #1 User #2 UTM Profile #1 UTM Profile #2 Service Port #1 Service Port #2 DST #1 DST #2 Firewall SRC #1 SRC #1 Device Group #1 Device Type #1 Device Type #2 UTM Profile #1 UTM Profile #2 Service Port #1 Service Port #2 DST #1 DST #2 SRC #1 SRC #1
- 6. 6 Policy Management Policy Control Traffic when they transverse through the device » Interfaces, zones (group of interfaces), VLANs and SSIDs segments Components » Firewall configuration » NAT settings, Traffic shaping settings » Security instructions, eg, scan for viruses, detect attacks, etc » Logging Options Firewall
- 7. 7 Policy Management Source Types Merged policies (IP, User & Device) “AND” Operations if more than one type of source is used AND AND Firewall
- 8. 8 User Group #1 User #1 User #2 UTM Profile #1 UTM Profile #2 Service Port #1 Service Port #2 DST #1 DST #2 IP #1 IP #1 - Device Group #1 ✔ ✔ - -Service Port #2 DST #1 DST #2 IP #1 - ✗ User #1 User #2 -Service Port #2DST #3IP #3 Device Group #2 ✗ User #1 User #2 -Service Port #2DST #3IP #3 - ✔ Policies are matched top-down. The policy table may consist of different policy types. Policy Management Firewall
- 9. 9 Policy Objects FortiGuard GeoIP DB Distributed as FortiGuard Update, Requires Valid FortiCare Contract Manual update required using CLI Command GeoIP override is configurable Supports IPv6 addresses Firewall
- 10. 10 Policy Objects Intelligent Object Searching Initial implement on Firewall Address list Search by name, IP, wildcards, etc. Firewall
- 11. 11 H/W Acceleration Firewall Legacy Security Gateway Appliances FortiGate with FortiASIC CPU offload Initial session setup Instruction download
- 12. 12 Contattaci Gratuitamente … Certified experts in Fortimail and email security Certified experts in Fortiweb and web application firewall protection Certified experts in FortiAp, FortiWifi and wireless security CONTACTS Tel. +39 049 8843198 DIGIT (5) contacts@lanewan.it www.lanewan.it In questi anni di partnership con la casa madre, Lan & Wan Solutions ha ottenuto tutte le specializzazioni previste nei vari iter di certifica- zione, raggiungendo la qualifica di Partner Of Excellence.