Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Online Help

    7.0.5
    7.2.0
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.2.2
    6.2.1
    6.2.0
    6.0.3
    6.0.2
    6.0.1
    6.0.0

    Bluecoat start options

    Bluecoat start options

    Forticonverter supports conversion to either Fortigate or FortiProxy devices. The converted config would be slightly different in interface and/or Proxy Policy category.

    This table lists the start settings.

    Setting

    Description

    Profile

    Description

    Enter a description of the configuration.

    Output Options

    Output Format

    Select whether to convert to FortiGate or FortiProxy device.

    FOS Version

    The configuration syntax is slightly different among FortiOS 6.4, 7.0, 7.2, and 7.4. Select the version that corresponds to the FortiOS version on the target.

    Input

    Source Configuration

    Select the input file.

    Conversion Options

    Discard unreferenced firewall objects

    Specifies whether addresses, schedules, and services that are not referenced by a policy are saved and added to the output. This option can be useful if your target device has table size limitations. You can view the unreferenced objects that FortiConverter removed in the Tuning page.

    Increase Address and Service Table Sizes for High-End Models

    You can customize the maximum table sizes that

    FortiConverter uses when Adjust table sizes is selected. For more information, see Adjusting table sizes

    Policy index start from 1 instead of 10000

    When selected, the serial number of firewall policies will start from 1 instead of 10000.

    Convert as custom local category

    Bluecoat custom category URLs & URIs will be converted into FPX custom local category URLs

    Use "webproxy" as default service

    When this option is enabled, FortiConverter uses the predefined service "webproxy" by default as the service of proxy policies when no specific service is specified.

    When this option is disabled, FortiConverter uses service "ALL" by default

    DNS is not in use in the migrated device

    This option is for FortiProxy migration only. When the device cannot do DNS lookup by itself, the conversion result will have the following two differences:

    1. FQDN addresses cannot be used, so the web URLs will be converted into proxy addresses with Regex matching.
    2. When a forwarding layer is defined in the Bluecoat device, the forwarding will not be performed by proxy policies in FortiProxy, but by URL matches instead.

    Comment Options

    Include input configuration lines for each output policy

    Specifies whether FortiConverter includes the input configuration lines used for each FortiGate policy in the FortiGate configuration as a policy comment.

    Domain Name Conversion Options

    Convert to FQDN addresses,

    e.g: set fqdn "domain.name"

    Convert the Bluecoat objects which have domain names as contents into FQDN addresses.

    Convert to FQDN addresses with wildcard prefix "*.", e.g: set fqdn "*.domain.name"

    Convert the Bluecoat objects which have domain names as contents into FQDN addresses which start with “*.”.

    Convert to host-regex proxy addresses,

    e.g: set host-regex "domain\.name"

    Convert the Bluecoat objects which have domain names as contents into host-regex proxy addresses.

    Convert to FQDN addresses with wildcard prefix and suffix "*",

    e.g: set fqdn "*domain.name*"

    Convert the Bluecoat objects which have domain names as contents into FQDN addresses which start and end with “*”.

    Previous
    Next

    Bluecoat start options

    Bluecoat start options

    Forticonverter supports conversion to either Fortigate or FortiProxy devices. The converted config would be slightly different in interface and/or Proxy Policy category.

    This table lists the start settings.

    Setting

    Description

    Profile

    Description

    Enter a description of the configuration.

    Output Options

    Output Format

    Select whether to convert to FortiGate or FortiProxy device.

    FOS Version

    The configuration syntax is slightly different among FortiOS 6.4, 7.0, 7.2, and 7.4. Select the version that corresponds to the FortiOS version on the target.

    Input

    Source Configuration

    Select the input file.

    Conversion Options

    Discard unreferenced firewall objects

    Specifies whether addresses, schedules, and services that are not referenced by a policy are saved and added to the output. This option can be useful if your target device has table size limitations. You can view the unreferenced objects that FortiConverter removed in the Tuning page.

    Increase Address and Service Table Sizes for High-End Models

    You can customize the maximum table sizes that

    FortiConverter uses when Adjust table sizes is selected. For more information, see Adjusting table sizes

    Policy index start from 1 instead of 10000

    When selected, the serial number of firewall policies will start from 1 instead of 10000.

    Convert as custom local category

    Bluecoat custom category URLs & URIs will be converted into FPX custom local category URLs

    Use "webproxy" as default service

    When this option is enabled, FortiConverter uses the predefined service "webproxy" by default as the service of proxy policies when no specific service is specified.

    When this option is disabled, FortiConverter uses service "ALL" by default

    DNS is not in use in the migrated device

    This option is for FortiProxy migration only. When the device cannot do DNS lookup by itself, the conversion result will have the following two differences:

    1. FQDN addresses cannot be used, so the web URLs will be converted into proxy addresses with Regex matching.
    2. When a forwarding layer is defined in the Bluecoat device, the forwarding will not be performed by proxy policies in FortiProxy, but by URL matches instead.

    Comment Options

    Include input configuration lines for each output policy

    Specifies whether FortiConverter includes the input configuration lines used for each FortiGate policy in the FortiGate configuration as a policy comment.

    Domain Name Conversion Options

    Convert to FQDN addresses,

    e.g: set fqdn "domain.name"

    Convert the Bluecoat objects which have domain names as contents into FQDN addresses.

    Convert to FQDN addresses with wildcard prefix "*.", e.g: set fqdn "*.domain.name"

    Convert the Bluecoat objects which have domain names as contents into FQDN addresses which start with “*.”.

    Convert to host-regex proxy addresses,

    e.g: set host-regex "domain\.name"

    Convert the Bluecoat objects which have domain names as contents into host-regex proxy addresses.

    Convert to FQDN addresses with wildcard prefix and suffix "*",

    e.g: set fqdn "*domain.name*"

    Convert the Bluecoat objects which have domain names as contents into FQDN addresses which start and end with “*”.

    Previous
    Next