Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Protected by default config or not?

I have a FGT 60F installed with software installed for Intrusion Prevention, AntiVirus, Web Filtering, and Outbreak Prevention.


If I do nothing, does each of these four software modules have default settings that automatically protect me?


Or do I need to enable/configure each module individually?
(forgive me if this is a naive question, but I have not been able to get a straight answer from anyone, yet.)




You don't get a straight answer, because there isn't. A default value which will protect all possible environments will practically have block access to internet. 

-AntiVirus default will protect you as overall there is not a lot to modify on it.


-WebFilter block URLs, by default it will block domains rated as security risk and some potentially liable but other than that it is up to you to define what websites you want to be allowed in your network.


-Intrusion prevention  there are a few default settings which will block the most common vulnerabilities and it might work for your case, but you can't block all as this will lead to a lot of false positives and technically block your internet. You need to know what you are protecting and from what you are protecting it - do you have linux servers or windows servers ? What services their are running ? What patches they have and what vulnerabilities they are vulnerable to etc.. Ideally you will have to tweak it.

- App control - similar to web filter, what apps you want to allow and what not, it will be different for every environment.




Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors