Chapter 2 – Getting Started

Leave a reply

Restoring a configuration

Should you need to restore a configuration file, use the following steps:

 

 

To restore the FortiGate configuration – GUI

1. Go to the Dashboard and locate the System Information widget.

2. Beside System Configuration, select Restore.

3. Select to upload the configuration file to be restored from your Local PC or a USB key.

The USB Disk option will be grayed out if no USB drive is inserted in the USB port. You can restore from the

FortiManager using the CLI.

4. Enter the path and file name of the configuration file, or select Browse to locate the file.

5. Enter a password if required.

6. Select Restore.

 

To back up the FortiGate configuration – CLI

execute restore config management-station normal 0

… or …

execute restore config usb <filename> [<password>]

… or for FTP, note that port number, username are optional depending on the FTP site…

execute backup config ftp <backup_filename> <ftp_server> [<port>] [<user_

name>] [<password>]

… or for TFTP …

execute backup config tftp <backup_filename> <tftp_server> <password>

The FortiGate will load the configuration file and restart. Once the restart has completed, verify that the configuration has been restored.

 

Configuration revisions

The Revisions options on the System Information widget enables you to manage multiple versions of configuration files. Revision control requires either a configured central management server, or FortiGates with

512 MB or more of memory. The central management server can either be a FortiManager unit or the FortiCloud.

When revision control is enabled on your unit, and configurations have been backed up, a list of saved revisions of those backed-up configurations appears.

 

Restore factory defaults

There may be a point where need to reset the FortiGate to its original defaults; for example, to begin with a fresh configuration. There are two options when restoring factory defaults. The first resets the entire device to the original out-of-the-box configuration:

1. Go to System > Dashboard > Status.

2. Beside System Configuration, select Restore.

3. Select Restore Factory Defaults at the top of the page.

You can reset using the CLI by entering the command:

execute factoryreset

When prompted, type y to confirm the reset.

Alternatively, in the CLI you can reset the factory defaults but retain the interface and VDOM configuration. Use the command:

execute factoryreset2

 

 

FortiGuard

The FortiGuard Distribution Network (FDN) of servers provides updates to antivirus, antispam and IPS definitions to your FortiGate. Worldwide coverage of FortiGuard services is provided by FortiGuard service points.

FortiGuard Subscription Services provide comprehensive Unified Threat Management (UTM) security solutions to enable protection against content and network level threats.

The FortiGuard team can be found around the globe, monitoring virus, spyware and vulnerability activities. As vulnerabilities are found, signatures are created and pushed to the subscribed FortiGates. The Global Threat Research Team enables Fortinet to deliver a combination of multi-layered security intelligence and provide true zero-day protection from new and emerging threats.The FortiGuard Network has data centers around the world located in secure, high availability locations that automatically deliver updates to the Fortinet security platforms to and protect the network with the most up-to-date information.

The FortiGuard services provide a number of services to monitor world-wide activity and provide the best possible security:

  • Intrusion Prevention System (IPS)- The FortiGuard Intrusion Prevention System (IPS) uses a customizable database of more than 4000 known threats to stop attacks that evade conventional firewall defenses. It also provides behavior-based heuristics, enabling the system to recognize threats when no signature has yet been developed. It also provides more than 1000 application identity signatures for complete application control.
  • Application Control – Application Control allows you to identify and control applications on networks and endpoints regardless of port, protocol, and IP address used. It gives you unmatched visibility and control over application traffic, even traffic from unknown applications and sources.
  • AntiVirus -The FortiGuard AntiVirus Service provides fully automated updates to ensure protection against the latest content level threats. It employs advanced virus, spyware, and heuristic detection engines to prevent both new and evolving threats from gaining access to your network and protects against vulnerabilities.
  • Web Filtering – Web Filtering provides Web URL filtering to block access to harmful, inappropriate, and dangerous web sites that may contain phishing/pharming attacks, malware such as spyware, or objectionable content that can expose your organization to legal liability. Based on automatic research tools and targeted research analysis, real- time updates enable you to apply highly-granular policies that filter web access based on 78 web content
  • categories, over 45 million rated web sites, and more than two billion web pages – all continuously updated.
  • Vulnerability Scanning – FortiGuard Services provide comprehensive and continuous updates for vulnerabilities, remediation, patch scan, and configuration benchmarks.
  • Email Filtering – The FortiGuard Antispam Service uses both a sender IP reputation database and a spam signature database, along with sophisticated spam filtering tools on Fortinet appliances and agents, to detect and block a wide range of spam messages. Updates to the IP reputation and spam signature databases are provided continuously via the FDN.
  • Messaging Services – Messaging Services allow a secure email server to be automatically enabled on your FortiGate to send alert email or send email authentication tokens. With the SMS gateway, you can enter phone numbers where the FortiGate will send the SMS messages. Note that depending on your carrier, there may be a slight time delay on receiving messages.
  • DNS and DDNS – The FortiGuard DNS and DDNS services provide an efficient method of DNS lookups once subscribed to the FortiGuard network. This is the default option. The FortiGate connects automatically to the FortiGuard DNS server. If you do not register, you need to configure an alternate DNS server.

Configure the DDNS server settings using the CLI commands:

config system fortiguard set ddns-server-ip

set ddns-server-port end

Support Contract and FortiGuard Subscription Services

The Support Contract and FortiGuard Subscription Services sections are displayed in abbreviated form within the License Information widget. A detailed version is available by going to System > FortiGuard.

The Support Contract area displays the availability or status of your FortiGate’s support contract. The status displays can be either Unreachable, Not Registered, or Valid Contract.

The FortiGuard Subscription Services area displays detailed information about your FortiGate’s support contract and FortiGuard subscription services. On this page, you can also manually update the antivirus and IPS engines.

The status icons for each section Indicates the state of the subscription service. The icon corresponds to the availability description.

  • Gray (Unreachable) – the FortiGate is not able to connect to service.
  • Orange (Not Registered) – the FortiGate can connect, but not subscribed.
  • Yellow (Expired) – the FortiGate had a valid license that has expired.
  • Green (Valid license) – the FortiGate can connect to FDN and has a registered support contract. If the Status icon is green, the expiry date also appears.

Verifying your Connection to FortiGuard

If you are not getting FortiGuard web filtering or antispam services, there are a few things to verify communication to the FortiGuard Distribution Network (FDN) is working. Before any troubleshooting, ensure that the FortiGate has been registered and you or your company, has subscribed to the FortiGuard services.

 

Verification – GUI

The simplest method to check that the FortiGate is communicating with the FDN, is to check the License Information dashboard widget. Any subscribed services should have a green check mark beside them indicating that connections are successful. Any other icon indicates a problem with the connection, or you are not subscribed to the FortiGuard services.

 

You can also view the FortiGuard connection status by going to System > FortiGuard.


Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.