Getting started Planning the FortiGate configuration
FortiGate-4000 Installation and Configuration Guide 53
Unfiltered content profile
Use the unfiltered content profile if you do not want to apply content protection to
traffic. You can add this content profile to firewall policies for connections between
highly trusted or highly secure networks where content does not need to be protected.
Planning the FortiGate configuration
Before you configure the FortiGate-4000 units in the FortiGate-4000 chassis, you
need to plan how to integrate them into your network. Among other things, you must
decide whether you want the FortiGate-4000 units to be visible to the network, which
firewall functions you want to provide, and how you want it to control the traffic flowing
between FortiGate-4000 unit interfaces.
This section contains overviews for installing a FortiGate-4000 unit with the following
configurations:
• NAT/Route mode standalone configuration
• Transparent mode standalone configuration
• FortiGate-4000 HA configuration
• FortiGate-4000P units with external load balancers
NAT/Route mode standalone configuration
In NAT/Route mode standalone configuration, each FortiGate-4000 unit in the
FortiGate-4000 chassis operates as a separate NAT/Route mode FortiGate-4000
antivirus firewall. Each of these FortiGate-4000 units is visible to the network it is
connected to. The internal and external interfaces of each FortiGate-4000 unit must
be on a different subnet.
Table 18: Unfiltered content profile
Options HTTP FTP IMAP POP3 SMTP
Antivirus Scan
File Block
Web URL Block
Web Content Block
Web Script Filter
Web Exempt List ;
Email Block List
Email Exempt List ;;
Email Content Block
Oversized File/Email Block pass pass pass pass pass
Pass Fragmented Emails ;;;
To Next Page
Loading...
