Services, Schedules, Content profiles – Fortinet FortiGate 4000 User Manual

Page 194: Adding firewall policies, Services schedules content profiles


Fortinet Inc.

Adding firewall policies

Firewall configuration

You can also add firewall policies that perform network address translation (NAT). To
use NAT to translate destination addresses, you must add virtual IPs. Virtual IPs map
addresses on one network to a translated address on another network. For more
information about Virtual IPs, see “Virtual IPs” on page 213.

Services

Policies can control connections based on the service or destination port number of
packets. The default policy accepts connections using any service or destination port
number. The firewall is configured with over 40 predefined services. You can add
these services to a policy for more control over the services that can be used by
connections through the firewall. You can also add user-defined services. For more
information about services, see “Services” on page 205.

Schedules

Policies can control connections based on the time of day or day of the week when the
firewall receives the connection. The default policy accepts connections at any time.
The firewall is configured with one schedule that accepts connections at any time. You
can add more schedules to control when policies are active. For more information
about schedules, see “Schedules” on page 210.

Content profiles

Add content profiles to policies to apply antivirus protection, web filtering, and email
filtering to web, file transfer, and email services. The FortiGate unit includes the
following default content profiles:

• Strict—to apply maximum content protection to HTTP, FTP, IMAP, POP3, and SMTP content traffic.

• Scan—to apply antivirus scanning to HTTP, FTP, IMAP, POP3, and SMTP content traffic.

• Web—to apply antivirus scanning and Web content blocking to HTTP content traffic.

• Unfiltered—to allow oversized files to pass through the FortiGate unit without being scanned for viruses.

The default policy includes the scan content profile.

For more information about content profiles, see “Content profiles” on page 223.

Adding firewall policies

Add firewall policies to control connections and traffic between FortiGate interfaces,
zones, and VLAN subinterfaces.

To add a firewall policy

1. Go to Firewall > Policy.

2. Select the policy list to which you want to add the policy.
