Fortinet white logo
Fortinet white logo

Administration Guide

Workflow

Workflow

Begin with How to set up your FortiWeb for your initial deployment. These instructions guide you to the point where you have a simple working configuration.

Ongoing use is located in subsequent chapters, and includes instructions for processes including:

  • Backing up FortiWeb
  • Updating FortiWeb
  • Configuring optional features
  • Adjusting policies if:
  • New attack signatures become available
  • Requirements change
  • Fine-tuning performance
  • Periodic web vulnerability scans if required by your compliance regime
  • Monitoring for defacement or focused, innovative attack attempts from advanced persistent threats (APTs)
  • Monitoring for accidentally blacklisted client IPs

Because policies consolidate many protection components, you should configure policies after you've configured those components.

This figure illustrates the general configuration process:

This figure illustrates the configuration process for setting up DoS protection:

  1. Configure anti-DoS settings for each type:
  • Group the settings together into a comprehensive anti-DoS policy (Grouping DoS protection rules).
  • Select the anti-DoS policy in a protection profile, and enable Configuring a protection profile for inline topologies (Configuring a protection profile for inline topologies).
  • Select the protection profile in a server policy (Configuring an HTTP server policy).
  • Workflow

    Workflow

    Begin with How to set up your FortiWeb for your initial deployment. These instructions guide you to the point where you have a simple working configuration.

    Ongoing use is located in subsequent chapters, and includes instructions for processes including:

    • Backing up FortiWeb
    • Updating FortiWeb
    • Configuring optional features
    • Adjusting policies if:
    • New attack signatures become available
    • Requirements change
    • Fine-tuning performance
    • Periodic web vulnerability scans if required by your compliance regime
    • Monitoring for defacement or focused, innovative attack attempts from advanced persistent threats (APTs)
    • Monitoring for accidentally blacklisted client IPs

    Because policies consolidate many protection components, you should configure policies after you've configured those components.

    This figure illustrates the general configuration process:

    This figure illustrates the configuration process for setting up DoS protection:

    1. Configure anti-DoS settings for each type:
  • Group the settings together into a comprehensive anti-DoS policy (Grouping DoS protection rules).
  • Select the anti-DoS policy in a protection profile, and enable Configuring a protection profile for inline topologies (Configuring a protection profile for inline topologies).
  • Select the protection profile in a server policy (Configuring an HTTP server policy).