Fortinet white logo
Fortinet white logo

Handbook

Network Security

Network Security

The Network Security menu contain features and configurations that allow you to protect your network against malicious attacks.

This section is organized into the following sub-menu topics:

Security features basics

In most deployment scenarios, we recommend you deploy FortiGate to secure your network. Fortinet includes security functionality in the FortiADC system to support those cases when deploying FortiGate is impractical. FortiADC includes the following security features:

  • Firewall—Drop traffic that matches a source/destination/service tuple you specify.
  • Security connection limit—Drop an abnormally high volume of traffic from a source/destination/service match.
  • IP Reputation service—Drop or redirect traffic from source IPs that are on the FortiGuard IP Reputation list.
  • Geo IP—Drop or redirect traffic from source IPs that correspond with countries in the FortiGuard Geo IP database.
  • Web application firewall—Drop or alert when traffic matches web application firewall attack signatures and heuristics.
  • AntiVirus—Drop traffic that matches in FortiSandbox's Malware Signature Database.
  • Denial of service protection—Drop half-open connections to protect the system from a SYN flood attack.
  • IPS—Protect the system based on a robust FortiGuard pattern / signature-based engine.

Network Security

Network Security

The Network Security menu contain features and configurations that allow you to protect your network against malicious attacks.

This section is organized into the following sub-menu topics:

Security features basics

In most deployment scenarios, we recommend you deploy FortiGate to secure your network. Fortinet includes security functionality in the FortiADC system to support those cases when deploying FortiGate is impractical. FortiADC includes the following security features:

  • Firewall—Drop traffic that matches a source/destination/service tuple you specify.
  • Security connection limit—Drop an abnormally high volume of traffic from a source/destination/service match.
  • IP Reputation service—Drop or redirect traffic from source IPs that are on the FortiGuard IP Reputation list.
  • Geo IP—Drop or redirect traffic from source IPs that correspond with countries in the FortiGuard Geo IP database.
  • Web application firewall—Drop or alert when traffic matches web application firewall attack signatures and heuristics.
  • AntiVirus—Drop traffic that matches in FortiSandbox's Malware Signature Database.
  • Denial of service protection—Drop half-open connections to protect the system from a SYN flood attack.
  • IPS—Protect the system based on a robust FortiGuard pattern / signature-based engine.