Support User Manuals

Fortinet 60c Computer Hardware User Manual

Open as PDF

of 62

22 01-28008-0018-20050128 Fortinet Inc.

Factory default FortiGate configuration settings Getting started

The factory default firewall configuration is the same in NAT/Route and Transparent

mode.

Factory default protection profiles

Use protection profiles to apply different protection settings for traffic that is controlled

by firewall policies. You can use protection profiles to:

• Configure antivirus protection for HTTP, FTP, IMAP, POP3, and SMTP firewall

policies

• Configure Web filtering for HTTP firewall policies

• Configure Web category filtering for HTTP firewall policies

• Configure spam filtering for IMAP, POP3, and SMTP firewall policies

• Enable the Intrusion Protection System (IPS) for all services

• Enable content logging for HTTP, FTP, IMAP, POP3, and SMTP firewall policies

Using protection profiles, you can build protection configurations that can be applied

to different types of firewall policies. This allows you to customize types and levels of

protection for different firewall policies.

For example, while traffic between internal and external addresses might need strict

protection, traffic between trusted internal addresses might need moderate protection.

You can configure firewall policies for different traffic services to use the same or

different protection profiles.

Protection profiles can be added to NAT/Route mode and Transparent mode firewall

policies.

The FortiGate unit comes preconfigured with four protection profiles.

Table 5: Default firewall configuration

Configuration setting Name Description

Firewall policy Internal -> Wan1 Source: All Destination: All

Firewall address All Firewall address matches the source or

destination address of any packet.

Pre-defined service More than 50

predefined services

Select from any of the 50 pre-defined services

to control traffic through the FortiGate unit that

uses that service.

Recurring schedule Always The recurring schedule is valid at any time.

Protection Profiles Strict, Scan, Web,

Unfiltered

Control how the FortiGate unit applies virus

scanning, web content filtering, spam filtering,

and IPS.

Strict To apply maximum protection to HTTP, FTP, IMAP, POP3, and SMTP traffic.

You may not use the strict protection profile under normal circumstances but

it is available if you have problems with viruses and require maximum

screening.

Scan To apply antivirus scanning and file quarantining to HTTP, FTP, IMAP,

POP3, and SMTP content traffic.

previous next