Why limit to Authentication-based routing,can' t fortinet have Address-based and Device Identity routing on the policy tab itself rahter than putting it on the policy route tab would be very nice to have when your using/have multiple gateways
I would like to have an " application" field underneath the service field when creating a policy.
Instead of making a application sensor that allows or denies we should be able to do it within the policy (making policies significantly more granular and easy to roll out).
Palo Alto' s do that and it is incredible how much easier it is to kill traffic here allow it there all based on application without having to create 9 different sensors and THEN apply said sensors to the policies you made.
A function so when adding a firewall policy another policy with the opposite interfaces and addresses can be created.
This could be useful to save time when configuring interface based vpn.
So if i create a policy going from internal to vpn tunnel interface it could be a checkbox for this option.
" edit next" or " edit new" for integer based entries in the cli.
So if you want to enter a new firewall policy or static route (or ospf network or ... ) from the cli you don' t have to determine what already exists.
Nice to know, thanks.
I tried edit 0 and was interested (amused) to see " new entry ' 0' added" . But I presumed wysiwyg so I aborted rather than ended, hence didn' t see then final result.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.