Datasheet
4
Intrusion Prevention
IPS technology protects against current and emerging
network-level threats. In addition to signature-based threat
detection, IPS performs anomaly-based detection which alerts
users to any traffic that matches attack behavior profiles. The
Fortinet threat research team analyzes suspicious behavior,
identifies and classifies emerging threats, and generate new
signatures to include with FortiGuard Service updates.
Features
• Automatic Database Updates
• Protocol Anomaly Support
• IPS and DoS Prevention Sensor
• Custom Signature Support
• IPv6 Support
WAN Optimization
Wide Area Network (WAN) optimization accelerates
applications over geographically dispersed networks, while
ensuring multi-threat inspection of all network traffic. WAN
optimization eliminates unnecessary and malicious traffic,
optimizes legitimate traffic, and reduces the amount of
bandwidth required to transmit data between applications
and servers. Improved application performance and delivery
of network services reduces bandwidth and infrastructure
requirements, along with associated expenditures.
Features
• Gateway-to-Gateway Optimization
• Bidirectional Gateway-to-client Optimization
• Web Caching
• Secure Tunnel
• Transparent Mode
VPN
Fortinet VPN technology provides secure communications
between multiple networks and hosts, using SSL and IPsec
VPN technologies. The FortiGate VPN service enforces
complete content inspection and multi-threat protections
including antivirus, intrusion prevention and Web filtering.
Traffic optimization provides prioritization for critical
communications traversing VPN tunnels.
Features
• IPSec and SSL VPN
• DES, 3DES, AES and SHA-1/MD5 Authentication
• PPTP, L2TP, VPN Client Pass Through
• SSL Single Sign-On Bookmarks
• Two-Factor Authentication
SSL-Encrypted Traffic Inspection
SSL-encrypted traffic inspection protects endpoint clients
and Web and application servers from hidden threats. SSL
Inspection intercepts encrypted traffic and inspects it for
threats prior to routing it to its final destination. It can be
applied to client-oriented SSL traffic, such as users connecting
to cloud-based CRM site, and to inbound Web and application
server traffic. SSL inspection enables you to enforce
appropriate use policies on encrypted Web content and to
protect servers from threats which may be hidden inside
encrypted traffic flows.
Features
• Protocol support:
– HTTPS, SMTPS, POP3S, IMAPS
• Inspection support:
– Antivirus, Web Filtering, Antispam, Data Loss Prevention, SSL Offload
Data Loss Prevention
DLP uses a sophisticated pattern-matching engine to identify
and prevent the transfer of sensitive information outside of
your network perimeter, even when applications encrypt their
communications. In addition to protecting your organization’s
critical data, Fortinet DLP provides audit trails to aid in policy
compliance. You can select from a wide range of configurable
actions to log, block, and archive data, and quarantine or ban
users.
Features
• Identification and Control Over Data in Motion
• Built-in Pattern Database
• RegEx Based Matching Engine
• Common File Format Inspection
• International Character Sets Supported
• Flow-based DLP
Web Filtering
Web filtering protects endpoints, networks and sensitive
information against Web-based threats by preventing users from
accessing known phishing sites and sources of malware. In
addition, administrators can enforce policies based on Website
categories to easily prevent users from accessing inappropriate
content and clogging networks with unwanted traffic.
Features
• HTTP/HTTPS Filtering
• URL/Keyword/Phrase Block
• Blocks Java Applet, Cookies or Active X
• MIME Content Header Filtering
• Flow-based Web Filtering
• IPv6 Support