INTRODUCTION
A firewall
Designed
Used
It
Firewall
FIREWALL FEATURES
Traffic logging is enabled in a firewall policy so that all logs are stored.
TYPES OF FIREWALL
Packet filter
Application gateway
CONT
Packet filter:
Application gateway:
It is very effective.
CONT
Stateful firewall:
POLICY ACCEPT
POLICY DENY
ADDRESSES
Firewall addresses are added to the source and destination IP address
fields of firewall policies.
CREATE ADDRESSES
CONT
ADDRESS GROUP
SCHEDULES
One-time schedules
Recurring schedules
ONE-TIME SCHEDULES
RECURRING SCHEDULES
SERVICES
A service group can be created, and then one policy can be created to allow
or block access for all the services in the group.
PREDEFINED SERVICES
CUSTOM SERVICES
SERVICE GROUPS
We can create groups of services and then create one policy to allow or block
access for all the services in the group.
NAT
Network Address Translation (NAT) hides the private IP address and sends
the public IP address.
CONT
POLICY SEQUENCE
A policy list is selected and searched for a policy that matches the
connection attempt.
The search starts at the top of the selected policy list and proceeds
down.
The policy list is chosen based on the source and destination addresses of
the connection attempt.
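The top-down search described above, as an added example that is not part of the original slides. It assumes the first matching policy decides and that traffic matching no policy is denied; the policy names and addresses are constructed for illustration.

```python
# Added example (not from the original slides): top-down policy search.
# All policy names and addresses below are constructed for illustration.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Policy:
    name: str
    src: str       # source network in CIDR form
    dst: str       # destination network in CIDR form
    action: str    # "ACCEPT" or "DENY"

    def matches(self, src_ip, dst_ip):
        return (ip_address(src_ip) in ip_network(self.src)
                and ip_address(dst_ip) in ip_network(self.dst))

def evaluate(policies, src_ip, dst_ip):
    """Search from the top; the first matching policy decides."""
    for p in policies:
        if p.matches(src_ip, dst_ip):
            return p.name, p.action
    return "implicit-deny", "DENY"   # assumption: nothing matched means deny

def shadowed(policies):
    """Return (earlier, later) pairs where the later policy can never match
    because an earlier policy covers all of its source and destination."""
    out = []
    for i, later in enumerate(policies):
        for earlier in policies[:i]:
            if (ip_network(later.src).subnet_of(ip_network(earlier.src))
                    and ip_network(later.dst).subnet_of(ip_network(earlier.dst))):
                out.append((earlier.name, later.name))
                break
    return out

# Constructed policy list: the broad ACCEPT sits above the specific DENY.
BAD_ORDER = [
    Policy("lan-to-dmz", "10.0.0.0/8", "192.168.50.0/24", "ACCEPT"),
    Policy("block-guest", "10.9.0.0/16", "192.168.50.0/24", "DENY"),
]
GOOD_ORDER = [BAD_ORDER[1], BAD_ORDER[0]]

if __name__ == "__main__":
    print(evaluate(BAD_ORDER, "10.9.1.5", "192.168.50.10"))   # guest is accepted
    print(evaluate(GOOD_ORDER, "10.9.1.5", "192.168.50.10"))  # guest is denied
    print(shadowed(BAD_ORDER))
```

Running the shadow check over a policy list before deployment shows which specific rules sit below a broader rule and therefore never take effect.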
CONT
VIRTUAL IP
Virtual IPs are also widely used to balance incoming traffic to multiple
servers.
Virtual IPs are used to allow connections to the FortiGate unit using
network address translation (NAT) firewall policies.
CONT
TRAFFIC SHAPER
Sets the priority of traffic processed by the policy to control the volume
of traffic for a specific period.
FIREWALL AUTHENTICATION
PROTOCOLS