Professional Documents
Culture Documents
03-Cau Hinh FortiGate
03-Cau Hinh FortiGate
Cu hnh FortiGate
Nguyn Hu Tin Hyperlogy JSC.
Ni dung
Cu hnh FortiGate
Cu hnh giao din, zone, a ch, cc dch v, di ch policy, profile, profile,
Hyperlogy JSC.
Hyperlogy JSC.
Hyperlogy JSC.
Hyperlogy JSC.
Hyperlogy JSC.
Cu hnh zone
System->Network->Zone System- >Network-
Hyperlogy JSC.
Cu hnh zone
Trong phn cu hnh zone ta c th nhm ph th nh cc giao din vo cng mt zone. di Mc ch c th to lut cho zone gm th lu nhiu giao din cng map mt lut. nhi di lu Hin th lung thng tin gia cc giao din Hi th lu gi di trong cng mt zone nu chn block. ch
Hyperlogy JSC. 9
Hyperlogy JSC.
11
Cu hnh Update
Mun update phi ng k sn phm trn Mu ph ph trang: trang:
http://support.fortinet.com
C 2 cch update:
Update bng tay. tay. Update t ng. ng.
Hyperlogy JSC.
12
Cu hnh Update
Update bng tay
Update Antivirus cho Firewall Update h iu hnh cho Firewall
Hyperlogy JSC.
13
Cu hnh Update
Update t ng: ng:
System->Maintenance->Update Center System- >Maintenance-
Hyperlogy JSC.
14
Hyperlogy JSC.
15
Hyperlogy JSC.
16
Hyperlogy JSC.
17
Hyperlogy JSC.
18
Hyperlogy JSC.
19
Hyperlogy JSC.
20
Cu hnh a ch ch
Hyperlogy JSC.
21
Cu hnh a ch ch
Vo tn v lp a ch cn thm. ch thm. Mc ch: Khi to lut trong phn Policy c ch: lu ph th s dng cc vng a ch to ra. th ch ra. Phn Group l to mt nhm cc a ch Ph nh ch cn dng. . ng
Hyperlogy JSC.
22
Cu hnh dch v
Dch v
Hyperlogy JSC.
23
Cu hnh dch v
Custom: To dch v theo ngi s dng ng
Hyperlogy JSC.
24
Cu hnh dch v
Nhm: To nhm dch v theo ngi s Nh nh ng dng
Hyperlogy JSC.
25
Cu hnh policy
Mc ny l mc quan trng nht ca tr nh Firewall. Cu hnh Policy cho php cc vng i vo ph nhau c s dng dch v g. V d:
T Internal vo Wan1 c s dng dch v http. T Dmz vo Internal c s dng dch v LotusNote. LotusNote.
Hyperlogy JSC. 26
Cu hnh policy
Hyperlogy JSC.
27
Cu hnh Policy
Hyperlogy JSC.
28
Cu hnh VIP
VIP Chc nng dng map mt trang web hoc Ch ho mt dch v no trong mng ni b ra ngoi ngo internet thng qua mt a ch IP public bn ch ngoi. ngo VIP c 2 ch l Static nat v Port Forwarding. ch
Static nat l nat tnh mt a ch tht t ngoi vo ch th ngo trong. trong. Port Forwarding l nat mt port t a ch ngoi vo ch ngo mt port trong ca mt a ch bn trong. ch trong.
Hyperlogy JSC. 29
Cu hnh VIP
Hyperlogy JSC.
30
10
Cu hnh profile
Chc nng ny dng kch hot tnh Ch ho nng lc chn virus, chn file, chn spam, ch ch ch lc web, chng tn cng IPS. ch Mc nh c cc Protection Profile sau: sau:
Strict, scan, web, unfiltered. Ngi s dng c th to thm cc Profile Ng th khc theo yu cu s dng. kh ng.
Hyperlogy JSC.
31
Cu hnh profile
Hyperlogy JSC.
32
Cu hnh Profile
To mt Profile mi:
Hyperlogy JSC.
33
11
Cu hnh IPS
IPS chng tn cng h thng do cc bug ch th ca chng trnh ng dng ang chy. tr ch
Signature: Cc mu tn cng ng dng sn c . Animaly: Tnh bt thng ca lung tin qua Animaly: th lu li. Nh icmp, v.v icmp, v.v
Hyperlogy JSC.
34
Cu hnh IPS
Hyperlogy JSC.
35
Cu hnh AntiVirus
Tnh nng ny chng cc loi virus c ch lo cp nht qua cc trung tm nghin cu nh ca fortinet trn ton th gii. to th gi Phn ny c 2 tnh nng chnh l Ph ch
File block. Virus List.
Hyperlogy JSC.
36
12
Cu hnh IPS
Hyperlogy JSC.
37
Cu hnh AntiSpam
Spam l mt vn rt ln trn th gii th gi hin nay. hi Vic lc chn spam rt kh khn do spam Vi ch kh c bin i di nhiu hnh thc khc bi d nhi th kh nhau. Ph bin nht by gi l th rc. nhau. Ph bi nh gi Trong firewall FG c tnh nng chng spam ch theo cc mc sau: sau:
Fortiguard Antispam IP address
Hyperlogy JSC. 38
Cu hnh AntiSpam
DNSBL Email-address EmailMime Headers Banned Word
Hyperlogy JSC.
39
13
Hyperlogy JSC.
40
Cu hnh Lc Web
Hyperlogy JSC.
41
Xem log
Xem event. Xem tn cng. cng. Xem virus tn cng. cng. Xem spam. Xem thng tin v trang c lc.
Hyperlogy JSC. 42
14
Hyperlogy JSC.
43
Hyperlogy JSC.
44
Cu hnh CLI
Nu s dng cu hnh qua cng console th c th s dng cc cng c sau: th th sau:
HyperTerminal SecureCRT v.v.v. v.v.v.
Hyperlogy JSC.
45
15
Cu hnh CLI
Hyperlogy JSC.
46
Cu hnh CLI
S dng dng lnh c th kim tra c th ki gi tin ang i v debug c li xy ra trong qu trnh kt ni trn Firewall. qu tr V d
diagnose sniffer packet internal 'tcp and port 80 'tcp 80 diagnose debug application ike 7 diagnose debug enable
Hyperlogy JSC.
47
Cu hnh CLI
Nu s dng cu hnh qua cng console th c th s dng cc cng c sau: th th sau:
HyperTerminal SecureCRT v.v.v. v.v.v.
Hyperlogy JSC.
48
16
Trn trng cm n ! tr
Hyperlogy JSC.
17