Check FortiClient Installed and Running
Select to check that the source host is running FortiClient
Host Security software. Enable the following reasons to
deny access as needed:
• FortiClient is Not Installed
• FortiClient is Not Licensed
• AV/IPS Database Out-of-Date
• AV Disabled
• Firewall Disabled
• Web Filter Disabled

Redirect Restricted Users to FortiGate Download Portal
Select to redirect denied users to the internal web portal,
which provides the reason for denial. On units that
support it, users can download FortiClient Host Security
software.

Firewall policy examples

FortiGate units are fully capable of meeting various network requirements, from
home use and SOHO to large enterprises and ISPs. The following two scenarios
demonstrate the practical application of firewall policies in SOHO and
large enterprise environments.
For more detail on these two examples, please see the Example Library Network
and SOHO and SMB Network Protection example guides in the FortiOS v3.0 MR2
documentation.
• Scenario one: SOHO sized business
• Scenario two: enterprise sized business

Scenario one: SOHO sized business

Company A is a small software company performing development and providing
customer support. In addition to their internal network of 15 computers, they also
have several employees who work from home all or some of the time.
With their current network topology, all 15 of the internal computers are behind
a router and must go to an external source to access the IPS Mail and Web
servers. All home-based employees access the router through open, unsecured
connections.
FortiGate Version 3.0 MR4 Administration Guide
Firewall Policy
01-30004-0203-20070102