IPv6
|
Allows you to configure the following IPv6 features from the GUI: network interface addresses, trusted hosts for administration, static routes, policy routes, security policies, and firewall addresses.
|
VPN
|
Creates secure communication channels between networks and allows remote users to safely connect to secure private networks using SSL-VPN, IPsec VPN, and FortiClient. Adds the VPN > IPsec Tunnels and VPN > SSL-VPN Settings menus.
|
Allow Unnamed Policies
|
Relaxes the requirement for every policy to have a name when created in GUI.
|
Certificates
|
Controls the visibility of the System > Certificates menu.
Allows you to change the certificates used for SSL inspection, SSL load balancing, SSL-VPN, IPsec VPN, and authentication. If Certificates is not enabled, default FortiProxy certificates are used.
|
ICAP
|
Controls the visibility of the Content Analyses > ICAP Profile, Content Analyses > ICAP Remote Servers, and Content Analyses > ICAP Local Servers pages.
Allows you to offload services to an external server. These services can include: ad insertion, virus scanning, content and language translation, HTTP header or URL manipulation, and content filtering. You can also use this feature to set up profiles and add them to security policies.
|
Local Reports
|
Controls whether you cna view PDF security reports in the GUI.
|
Implicit Firewall Policies
|
Firewall policy lists end with an implicit policy that denies all traffic. Enable this feature to see these policies on firewall policy lists in the GUI. You can edit an implicit policy and enable logging to record log messages when the implicit policy denies a session.
|
Multiple Interface Policies
|
Allows the configuration of policies with multiple source/destination interfaces.
|
Multiple Security Profiles
|
Allows you to create more than one antivirus profile, web filter profile, application sensor, IPS sensor, antispam profile, DLP sensor, VoIP profile (if enabled), and ICAP profile (if enabled). You can also select the individual UTM profiles in security policies. Enable multiple UTM profiles if you need different levels of UTM protection for different traffic streams.
|
Policy-based IPsec VPN
|
Configures policy-based IPsec tunnels. When enabled, an option is added when creating phase 1 IPsec tunnels to determine if they are interface based or policy based. There will also be an option added under Policy & Objects > Policy to select IPsec as a subtype for VPN policies, and an option to select the IPsec tunnel to use.
|
SSL-VPN Personal Bookmark
|
Allows you to view personal bookmarks added by SSL-VPN users to their
portal pages. Adds the VPN > SSL-VPN Personal Bookmarks menu. Also
allows you to delete usersʼ personal bookmarks.
|
SSL-VPN Realms
|
Allows you to create customized realms for different SSL-VPN users and
groups. Adds the VPN > SSL-VPN Realms menu. Allows you to associate
realms with users and groups in the Authentication/Portal Mapping table
under VPN > SSL-VPN Settings.
|
Traffic Shaping
|
Allows you to configure policies to define how specific types of traffic are shaped by the FortiProxy unit.
|
Anti-Spam Filter
|
Controls the visibility of the Security Profiles > Anti-Spam menu.
Allows you to detect and filter spam. Set up anti-spam profiles (under Security Profiles > Anti-Spam) and add them to firewall policies. Some features require a subscription to FortiGuard Anti-Spam.
|
AntiVirus
|
Controls the visibility of the Security Profiles > AntiVirus menu.
Allows you to remove viruses, analyze suspicious files with FortiSandbox, and apply botnet protection to network traffic. Set up antivirus profiles (Security Profiles > AntiVirus) and add them to firewall policies. This feature requires a subscription to FortiGuard AntiVirus.
|
Application Control
|
Controls the visibility of the Security Profiles > Application Control menu.
Allows you to visualize and control the applications on your network. Set up application sensors (under Security Profiles > Application Control) and add them to firewall policies. This feature requires a subscription to Application Control Signatures.
|
DLP
|
Controls the visibility of the Security Profiles > Data Leak Prevention menu.
Allows you to prevent sensitive data, like credit card and social security numbers, from leaving or entering your network. Set up DLP sensors (under Security Profiles > Data Leak Prevention) and add them to firewall policies.
|
DNS Filter
|
Controls the visibility of the Security Profiles > DNS Filter menu.
Allows you to apply DNS category filtering, URL filtering to control a userʼs access to web resources. Set up DNS filter profiles (under Security Profiles > DNS Filter) and add them to firewall policies or add them to a DNS server on a FortiProxy interface. Some features require a subscription to FortiGuard Web Filtering.
|
Intrusion Prevention
|
Controls the visibility of the Security Profiles > Intrusion Prevention menu.
Allows you to detect and block network-based attacks. You can set up IPS sensors (under Security Profiles > Intrusion Prevention) and add them to security policies. This feature requires a subscription to FortiGuard IPS.
|
Web Filter
|
Controls the visibility of the Security Profiles > Web Filter menu.
Allows you to apply web category filtering, URL filtering, and content filtering to control user's access to web resources. You can set up web filter profiles (Security Profiles > Web Filter) and add them to firewall policies. Some features require a subscription to FortiGuard Web Filtering.
|