Fortinet 800 Switch User Manual


 
Getting started Factory default firewall configuration
FortiGate-800/800F Installation Guide 01-28006-0024-20041026 21
Factory default firewall configuration
FortiGate firewall policies control how all traffic is processed by the FortiGate unit.
Until firewall policies are added, no traffic can be accepted by or pass through the
FortiGate unit. To allow traffic through the FortiGate unit you can add firewall policies.
See the FortiGate Administration Guide for information about adding firewall policies.
The following firewall configuration settings are included in the default firewall
configuration to make it easier to add firewall policies.
The factory default firewall configuration is the same in NAT/Route and Transparent
mode.
Factory default protection profiles
Use protection profiles to apply different protection settings for traffic that is controlled
by firewall policies. You can use protection profiles to:
Configure antivirus protection for HTTP, FTP, IMAP, POP3, and SMTP firewall
policies
Configure Web filtering for HTTP firewall policies
Configure Web category filtering for HTTP firewall policies
Configure spam filtering for IMAP, POP3, and SMTP firewall policies
Enable the Intrusion Protection System (IPS) for all services
Enable content logging for HTTP, FTP, IMAP, POP3, and SMTP firewall policies
Administrative access
Internal HTTPS, Ping
External Ping
DMZ HTTPS, Ping
Port 1 Ping
Port 2 Ping
Port 3 Ping
Port 4 Ping
Table 4: Factory default Transparent mode network configuration (Continued)
Table 5: Default firewall configuration
Configuration setting Name Description
Firewall address All Firewall address matches the source or
destination address of any packet.
Pre-defined service More than 50
predefined services
Select from any of the 50 pre-defined services
to control traffic through the FortiGate unit that
uses that service.
Recurring schedule Always The recurring schedule is valid at any time.
Protection Profiles Strict, Scan, Web,
Unfiltered
Control how the FortiGate unit applies virus
scanning, web content filtering, spam filtering,
and IPS.