Hello Fortinet Community,
I'm delving into the configurations of Fortinet and am in need of your expertise. Here are some areas where I’m looking for guidance:
Preference for Policy-Based Mode: My preference leans towards the policy-based mode for the following reasons:
It aligns with the methodologies of other firewall manufacturers.
Application-Based Firewall implementation seems most straightforward in this mode.
It simplifies management by integrating individual NAT rulebooks.
I would love to hear your thoughts on this and any nuances in logging capabilities that might differ from other modes.
Log Management in Different Rule Sets: A crucial area I'm struggling with is understanding where exactly on the FortiGate I can view logs from different rule sets. How can I efficiently troubleshoot the rulebook if I can't easily correlate the logs with their respective rule sets? Any insights into navigating the log system for better rule set management would be immensely helpful.
Sequence of SSL Authentication vs. Security Rule Processing: I'm also trying to understand the sequence in which the SSL authentication and security rulebooks are processed. Is there a standard procedure in which one is prioritized over the other? Understanding this sequencing could significantly impact how I configure and troubleshoot my settings.
Thank you for your time and insights. Your advice and experiences will be invaluable in enhancing my understanding of these topics.
Best regards,
Hello
I configured a few FG in policy mode and I found the following limitations.
I always felt profile-based is easy to manage. When the number of policies is high, using the profiles makes it easier to apply changes to a group of policies using the same profiles.
Regarding logs matching specific rules, right-click on the policy name and use "show matching logs".
Regarding the SSL authentication part, do you mean the authentication on firewall policies and the UTM/IPS profiles processing order? Ideally the authentication check should happen first to confirm policy match and then the additional inspections take place.