Configure FortiGate and FortiClient (v5.0.2) IPSec VPN for Secure Remote Access to Work Network
All Videos »
Fortinet IPS offers a wide range of features that can be used to monitor and block malicious network activity including; predefined and custom signatures, protocol decoders, out-of-band mode (or one-arm IPS mode), packet logging, and IPS sensors. Backed by automatic, real-time updates delivered by FortiGuard Global Threat Research Team, FortiGate NGFW technology leverages a database of thousands of unique attack signatures as well as anomaly-based detection techniques that enables the system to stop attacks that might evade conventional firewall defenses and recognize threats for which no signature has yet been developed.
Traditional firewall protection detects and restricts applications by port, protocol and server IP address, and cannot detect malicious content or abnormal behavior in many web-based applications. Next generation firewall technology from Fortinet with Application Control allows you to identify and control applications on networks and endpoints regardless of port, protocol, and IP address used. It gives you unmatched visibility and control over application traffic, even unknown applications from unknown sources and inspects encrypted application traffic. Protocol decoders normalize and discover traffic from applications attempting to evade detection via obfuscation techniques. Following identification and decryption, application traffic is either blocked, or allowed and scanned for malicious payloads. In addition, application control protocol decoders detect and decrypt tunneled IPsec VPN and SSL VPN traffic prior to inspection, ensuring total network visibility. Application control even decrypts and inspects traffic using encrypted communications protocols, such as HTTPS, POP3S, SMTPS and IMAPS.
When a user attempts to access network resources, Fortinet Next Generation Firewalls will identify the user from a list of names, IP addresses and Active Directory group memberships that it maintains locally. The connection request will be allowed only if the user belongs to one of the permitted user groups, and the assigned firewall policy will be applied to all traffic to and from that user.
Security virtualization rapidly became the answer to our needs and only Fortinet could offer to virtualize all the essential security functions on a single platform that would scale to thousands of users. On top of the strong performance and flexibility of Fortinet's appliances, we were impressed with Fortinet's management and reporting tools, which will allow us to provide a unique Web interface to our customers so that they have easy control and visibility over their security service.