Professional Documents
Culture Documents
Fortigate - Huong Dan Cau Hinh FortiGate PDF
Fortigate - Huong Dan Cau Hinh FortiGate PDF
Fortigate - Huong Dan Cau Hinh FortiGate PDF
HYPERLOGY
----------[\----------
HNG DN
CU HNH FORTIGATE FIREWALL
H ni 10/2007
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
Mc lc
1.
1.1.
1.2.
2
Ti liu hng cu hnh thit b
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
1.2. Cc n bo hiu
Hin th trng thi ca FortiGate : ngun,trng thi ca cc Interface
Power : c cc trng thi sau:
Nhp nhy : FortiGate ang khi dng
Xanh : FortiGate ang hot ng bnh thng
Tt : FortiGate tt ngun
Internal,WAN.DMZ c cc trng thi sau :
Xanh : cp u ni ng s dng, thit b u ni n bt.
Nhp nhy : mng ang hot ng trn Interface ny.
Tt : cha c kt ni
Link : Nu xanh l mng ang hot ng tc 100Mbps
2. Cu hnh FortiGate
2.1. Cc cch truy nhp cu hnh FortiGate
FortiGate h tr cc phng thc truy nhp v cu hnh sau:
Console:
http:
https:
telnet:
ssh:
snmp:
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
a ch IP mc nh ca cc giao din :
Internal : 192.168.1.99/24
WAN1 : 192.168.100.99/24
WAN2 : 192.168.101.99/24
DMZ : 10.10.10.1/24
Giao thc cho php truy nhp mc nh: telnet, http, https,
2.3. Cc bc cu hnh
Cu hnh FortiGate cn tun theo cc bc sau:
Cu hnh mode hot ng ca FortiGate:
Cu hnh cc giao din
Cu hnh DHCP
Cu hnh cc a ch v vng a ch
Cu hnh cc dch v
Cu hnh cc Protection profile
Cu hnh cc Policy
Cu hnh Virtual IP
Cu hnh dch v AntiVirus
Cu hnh dch v AntiSpam
Cu hnh dch v IPS
Cu hnh dch v Web filter
Cu hnh ghi log
4
Ti liu hng cu hnh thit b
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
Tn truy cp : admin
Mt khu
: trng
Chn "Login" , sau chn System Network
Ti ct Access hin th cho ta thy cc Mode c php hot ng trn tng giao din.
Mun thay i Mode ca tng giao din ,ti cui dng ca giao din cn i Mode ta chn
nt
thay i Mode theo yu cu.
5
Ti liu hng cu hnh thit b
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
6
Ti liu hng cu hnh thit b
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
7
Ti liu hng cu hnh thit b
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
V d :
9
Ti liu hng cu hnh thit b
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
Khi ta s thy :
10
Ti liu hng cu hnh thit b
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
Source :
Interface/Zone :Giao din ngun
Address Name: tn ca a ch ngun (a ch c nh ngha trn)
Destination :
Interface/Zone :Giao din ch
Address Name :tn ca a ch ch (a ch c nh ngha trn)
12
Ti liu hng cu hnh thit b
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
14
Ti liu hng cu hnh thit b
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
Email address
y l vic lc Email theo a ch c th ca ngi gi hoc ton b Email ca 1
domain no .Ta c th nh du mi a ch Email l "clear" hay "spam".
15
Ti liu hng cu hnh thit b
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
16
Ti liu hng cu hnh thit b
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
Anormaly
Danh sch pht hin cc du hiu anormaly ch c cp nht khi Update Firmware.
Console, telnet, ssh
Tham kho thm trong ti liu hoc trn trang web:
http://kc.forticare.com/
17
Ti liu hng cu hnh thit b
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
URL Block
Ta c th thm vo cc URL hoc 1 s cc URL c qung b cng
khai sn c cm truy cp .Cc mc c th vo URL block list :
- Cc URL y
- a ch IP
-Tng phn ring r ca cc URL cm cc sub-domain
URL Exempt
Ta c th cu hnh c th cc URL c php truy cp t Web filtering.Cc
URL trong danh sch Exempt khng b qut Virus.
Category Block
y l dch v c license tng t FortiShield
Script Filter
18
Ti liu hng cu hnh thit b
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
Memory : Qun l thng tin b nh h thng ca FortiGate .Lu lng v content log
khng
c lu li b nh m. Khi b nh y ,cc thng c nht s b
ghi .
Tt c cc mc ca Log s b xa khi h thng khi ng li.
"Level" l la
chn cch thc cnh bo .
19
Ti liu hng cu hnh thit b
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
20
Ti liu hng cu hnh thit b
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
22
Ti liu hng cu hnh thit b
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
4. Theo di hot ng
4.1. Mn hnh Status
Ta login vo h thng, chn "System"-"Status".
System Status : cho bit thi gian hot ng ca firewall, ng h hin ti ca h thng
Unit Information : cho bit tn ca thit b ,Firmware version , FortiGuard AV
Definitions, FortiGuard Intrution Definitions ,Serial Number,Operation
Mode
Recent Virus Detections : ch r thi gian-ngun-ch-dch v-tn Virus qut c
Interface Status : cho bit tnh trng ca ton b cc giao din ca h thng ( IP,trng
thi...)
System Resource : tnh trng ca CPU,b nh ,s lng cc session ang active, vic s
dng mng ...
Automatic Refresh Interval : la chn iu khin chu k cp nht hin th tnh trng
ca h thng
Refresh : Cp nht hin th tnh trng ca h thng bng tay
Recent Intrusion Detections : pht hin s tn cng hin thi.
23
Ti liu hng cu hnh thit b
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
24
Ti liu hng cu hnh thit b
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
Ta chn vo nt
cho file backup ny.
( s hin th "Backup")
25
Ti liu hng cu hnh thit b
Cng ty C phn u t Pht trin Cng ngh ng dng Ton Cu Hyperlogy JSC
Tel: +84 4 6405636 Fax: +84 4 6405639 Website: http://www.hyperlogy.com
Sau nhp mt khu cho file cu hnh ny. Tip n ta chn ni lu cu hnh ny.
26
Ti liu hng cu hnh thit b