Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • NGFW ATP Deployment Guide

    Home FortiGate / FortiOS 7.4.4 NGFW ATP Deployment Guide
    7.4.4
    7.4.4

    Enterprise edge deployment overview

    Enterprise edge deployment overview

    In this document, deployment procedures to implement Advanced Threat Protection on an edge FortiGate are discussed. Readers will be introduced to many of the features available in the Intrusion Prevention (IPS) and Antivirus (AV) Security Profiles and guidance is provided to assist with how to configure these profiles according to your environment and needs.

    Intended audience

    This guide assumes the reader is familiar with the basic concepts of applications, networking, routing, security, and has a basic understanding of network architectures. For implementation, a working knowledge of FortiOS networking and policy configuration is advised, as well as an understanding of PKI and how deep inspection works. Readers should have reviewed the concept and architecture guide and have a firm understanding of where IPS and AV will be implemented in their network.

    About this guide

    The deployment guide serves the purpose of going through the design and deployment steps involved in deploying AV and IPS on an edge FortiGate. Readers should first evaluate their environment to determine whether the architecture and design outlined in this guide is suitable for them. It is advisable to review the Reference Architecture Guide if readers are still in the process of selecting the right architecture.

    This deployment guide presents one of possibly many ways to deploy the solution. It may also omit specific steps where readers must make design decisions to further configure their devices. It is recommended that readers also review supplementary material found in product admin guides, example guides, cookbooks, release notes and other documents where appropriate.

    Certificates are leveraged when implementing Deep Packet Inspection, which is a requirement for effective AV and IPS security. Certificate generation is not covered in this guide.

    Previous
    Next

    Enterprise edge deployment overview

    Enterprise edge deployment overview

    In this document, deployment procedures to implement Advanced Threat Protection on an edge FortiGate are discussed. Readers will be introduced to many of the features available in the Intrusion Prevention (IPS) and Antivirus (AV) Security Profiles and guidance is provided to assist with how to configure these profiles according to your environment and needs.

    Intended audience

    This guide assumes the reader is familiar with the basic concepts of applications, networking, routing, security, and has a basic understanding of network architectures. For implementation, a working knowledge of FortiOS networking and policy configuration is advised, as well as an understanding of PKI and how deep inspection works. Readers should have reviewed the concept and architecture guide and have a firm understanding of where IPS and AV will be implemented in their network.

    About this guide

    The deployment guide serves the purpose of going through the design and deployment steps involved in deploying AV and IPS on an edge FortiGate. Readers should first evaluate their environment to determine whether the architecture and design outlined in this guide is suitable for them. It is advisable to review the Reference Architecture Guide if readers are still in the process of selecting the right architecture.

    This deployment guide presents one of possibly many ways to deploy the solution. It may also omit specific steps where readers must make design decisions to further configure their devices. It is recommended that readers also review supplementary material found in product admin guides, example guides, cookbooks, release notes and other documents where appropriate.

    Certificates are leveraged when implementing Deep Packet Inspection, which is a requirement for effective AV and IPS security. Certificate generation is not covered in this guide.

    Previous
    Next