Fortinet black logo

FortiLAN Cloud User Guide

Home FortiLAN Cloud 23.2.0 FortiLAN Cloud User Guide
23.2.0
24.1.0
23.4.0
23.3.0
23.2.0
23.1.0
22.4.0
22.3.0

Security

Security

The following security features can be configured in the SSID.

Application control

FortiLAN Cloud allows you to configure UTP on FortiAP endpoints (for supported models) to detect traffic in specific categories generated by a large number of applications. You can specify what action to take with the application traffic; allow, monitor, or block. Application control supports traffic detection using the HTTP protocol and uses deep application inspections to detect traffic for better control and coverage. You can select specific application signatures in the supported categories to configure and override the action set generally for all categories.

Web Access

You can control access to web content by blocking web pages containing specific words or patterns. The web access feature scans the content of every web page that is accepted by a security policy. You can use the following multiple web content filter lists.

  • Allow General Interest Sites Only
  • Allow General Interest Sites and Bandwidth Consuming Sites
  • Allow All Sites except Security Risk
  • Advanced Configuration

In advanced configuration, you can configure the action to be taken for web pages of specific categories. You can also specify words, phrases, patterns, wildcards and Perl regular expressions to match content on web pages.

Block Botnet

FortiLAN Cloud allows you to enable botnet monitoring and blocking across all network traffic.

Intrusion Prevention

Intrusion Prevention System (IPS) detects network attacks and prevents threats from compromising the network, including protected devices. You can enable protection of wireless clients from being attacked by Internet hosts and vice versa.

IPS sensors can contain one or more IPS filters that you can configure. A filter is a collection of signature attributes, the following are the attribute groups.

  • Target
  • Severity
  • Service
  • OS
  • Application

When selecting multiple attributes within the same group, the selections are combined by using a logical OR. When selecting multiple attributes between attribute groups, each attribute group is combined by using a logical AND.

Once you select filters in the GUI, the filtered list of IPS signatures are displayed. Adjust your filters accordingly to construct a suitable list for your needs.

AntiVirus

The Antivirus feature protects against the latest viruses, spyware, and other content-level threats. It uses industry-leading advanced detection engines to prevent both new and evolving threats from gaining a foothold inside your network and accessing its invaluable content. The Antivirus database type selection depends on the network and security needs. The following protocols are inspected.

  • HTTP
  • SMTP
  • POP3
  • IMAP
  • FTP
Previous
Next

Security

The following security features can be configured in the SSID.

Application control

FortiLAN Cloud allows you to configure UTP on FortiAP endpoints (for supported models) to detect traffic in specific categories generated by a large number of applications. You can specify what action to take with the application traffic; allow, monitor, or block. Application control supports traffic detection using the HTTP protocol and uses deep application inspections to detect traffic for better control and coverage. You can select specific application signatures in the supported categories to configure and override the action set generally for all categories.

Web Access

You can control access to web content by blocking web pages containing specific words or patterns. The web access feature scans the content of every web page that is accepted by a security policy. You can use the following multiple web content filter lists.

  • Allow General Interest Sites Only
  • Allow General Interest Sites and Bandwidth Consuming Sites
  • Allow All Sites except Security Risk
  • Advanced Configuration

In advanced configuration, you can configure the action to be taken for web pages of specific categories. You can also specify words, phrases, patterns, wildcards and Perl regular expressions to match content on web pages.

Block Botnet

FortiLAN Cloud allows you to enable botnet monitoring and blocking across all network traffic.

Intrusion Prevention

Intrusion Prevention System (IPS) detects network attacks and prevents threats from compromising the network, including protected devices. You can enable protection of wireless clients from being attacked by Internet hosts and vice versa.

IPS sensors can contain one or more IPS filters that you can configure. A filter is a collection of signature attributes, the following are the attribute groups.

  • Target
  • Severity
  • Service
  • OS
  • Application

When selecting multiple attributes within the same group, the selections are combined by using a logical OR. When selecting multiple attributes between attribute groups, each attribute group is combined by using a logical AND.

Once you select filters in the GUI, the filtered list of IPS signatures are displayed. Adjust your filters accordingly to construct a suitable list for your needs.

AntiVirus

The Antivirus feature protects against the latest viruses, spyware, and other content-level threats. It uses industry-leading advanced detection engines to prevent both new and evolving threats from gaining a foothold inside your network and accessing its invaluable content. The Antivirus database type selection depends on the network and security needs. The following protocols are inspected.

  • HTTP
  • SMTP
  • POP3
  • IMAP
  • FTP
Previous
Next