Hello .. I am managing network of 50 users including PCs and mobile. I am facing a lot of problem of Malware and Spyware. So I m planning to place a Fortigate 61E firewall. plz help is this best choice for me ...
How fast is your internet connection?
Is this one flat network or will there be multiple networks that will need UTM between them?
Mike Pruett
well dear i am using 5MB connection with 5 pulic ips currently terminated on mikrotik router ... from mikrotik connection distributed into different wifi .. all wifi are working as a bridge mode.....
A 61E should be enough for that kind of bandwidth even with UTM enabled on your wan rules.
From a security point of view, having a firewall with UTM is a nice peace to add but it doesn't solve bad layouts and it doesn't provide antivirus/malware on the PCs themselves (unless you have forticlient licences that is). Just saying simply adding a firewall won't fix everything :) That said it will prevent a lot of inconveniences if properly configured.
will u please help me more in this regard. what type of forticlient licences [style="background-color: #ff0000;"](unless you have [/style]forticlient[style="background-color: #ff0000;"] licences that is) [style="background-color: #ffffff;"] i need ... i m very thankful to if u help me guys .. My public IPs block again and again due to spamming from network[/style][/style]
From what I can guess what happens, you should investigate on all security levels of your IT infrastructure. If your public IPs have a bad reputation it means your network/computers are sending those spams. That's quite alarming and putting a firewall such as a Fortigate with UTM will mitigate the problem and probably prevent some future intrusions BUT it won't solve your current root problem.
You should try to follow some IT security guidelines, you can find good documentation googling it. So I would focus my attention on a few things:
- Securing your servers, you probably have some smtp relays that are badly configured or even an intrusion somewhere;
- Securing your desktops/laptops: as there are some outgoing spams, some may be infected by some botnet malware;
--- Install anti-viruses/anti-malwares, the FortiClient solution can provide you with those at the client level as well.
- Securing your network:
--- At the very least separate the "clients/users" network from your backend network with your servers;
--- Use a UTM capable firewall
------ Use this firewall as a firewall and avoid the use of too broad rules such as any-any ones.
You can already take some immediate actions in order to secure your network a bit like checking your servers & computers.
I agree with anelis. The Fortigate will help mitigate some of the issues, but if your public IPs are being flagged, you probably need to look at more than just putting the fortigate in place. I would look at conducting a cyber security assessment. Keeper Security actually has a pretty good high level checklist of what you should be looking at. Its not all inclusive, but its a good starting point.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.