Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Getting Started with FortiGate
  • Table Of Contents Toc
  • Feedback & Rating feedback
Getting Started with FortiGate

Getting Started with FortiGate

3.3 (12)
Buy this Book
close
close
Getting Started with FortiGate

Getting Started with FortiGate

3.3 (12)
Buy this Book

Overview of this book

FortiGate from Fortinet is a highly successful family of appliances enabled to manage routing and security on different layers, supporting dynamic protocols, IPSEC and VPN with SSL, application and user control, web contents and mail scanning, endpoint checks, and more, all in a single platform. The heart of the appliance is the FortiOS (FortiOS 5 is the latest release) which is able to unify a friendly web interface with a powerful command line to deliver high performance. FortiGate is able to give users the results they usually achieve at a fraction of the cost of what they would have to invest with other vendors.This practical, hands-on guide addresses all the tasks required to configure and manage a FortiGate unit in a logical order. The book starts with topics related to VLAN and routing (static and advanced) and then discusses in full the UTM features integrated in the appliance. The text explains SSL VPN and IPSEC VPN with all the required steps you need to deploy the aforementioned solutions. High availability and troubleshooting techniques are also explained in the last two chapters of the book.This concise, example-oriented book explores all the concepts you need to administer a FortiGate unit. You will begin by covering the basic tools required to administer a FortiGate unit, including NAT, routing, and VLANs. You will then be guided through the concepts of firewalling, UTM inside the appliance, tunnelling using SSL, and IPSEC and dial-up configurations. Next, you will get acquainted with important topics like high availability and Vdoms. Finally, you will end the book with an overview of troubleshooting tools and techniques.
Table of Contents (13 chapters)
close
close
close
Getting Started with FortiGate
Icon
Getting Started with FortiGate
Credits
Icon
Credits
Foreword
Icon
Foreword
About the Authors
Icon
About the Authors
About the Reviewers
Icon
About the Reviewers
www.PacktPub.com
Icon
www.PacktPub.com
Preface
Icon
Preface
Lock Free Chapter
1
First Steps
chevron up
Icon
First Steps
Icon
Administering a FortiGate
Icon
Unboxing the FortiGate and license options
Icon
First access to a FortiGate
Icon
Static routing
Icon
Policy routing
Icon
Dynamic routing
Icon
Introducing OSPF
Icon
Monitoring OSPF routes
Icon
Summary
2
Filters, Policies, and Endpoint Security
Icon
Filters, Policies, and Endpoint Security
Icon
Processing a data packet inside a FortiGate
Icon
Firewall features
Icon
UTM profiles
Icon
Traffic shaping
Icon
Security policies
Icon
FortiClient
Icon
Bring Your Own Device (BYOD)
Icon
Summary
3
VPNs and Tunneling
Icon
VPNs and Tunneling
Icon
SSL VPN
Icon
Configuring the SSL VPN portal
Icon
FortiGate IPsec VPN
Icon
Summary
4
High Availability
Icon
High Availability
Icon
Link aggregation
Icon
Virtual MAC addresses
Icon
FortiGate Cluster Protocol
Icon
FortiGate Session Life Support Protocol
Icon
Virtual Router Redundancy Protocol
Icon
Full mesh high availability
Icon
Introducing virtual domains
Icon
VDOMs and virtual clustering
Icon
Summary
5
Troubleshooting
Icon
Troubleshooting
Icon
Base system diagnostics
Icon
Troubleshooting routing
Icon
Troubleshooting security policies and profiles
Icon
Troubleshooting virtual domains
Icon
Troubleshooting VPN
Icon
Troubleshooting High Availability (HA)
Icon
Summary
1
Index
Icon
Index

Dynamic routing

Unlike static routing, dynamic routing is based on information exchanged between network devices to select the best available route to a certain destination. This adds scalability and adaptability that does not exist in static routing. Dynamic routing uses one or more Routing Protocols that create, maintain, and update the dynamic routing table. The logic and the algorithms used vary from one protocol to the other and in every scenario there is one or more routing protocol that better fits to the networking needs. The protocol that we will select depends on a number of factors. Before we can compare the different protocols with each other it is necessary to introduce three basic concepts: convergence, technology used to calculate the best route, and protocol support for Classless Inter-Domain Routing (CIDR). The concepts are explained in the following list:

  • Convergence: Each routing protocol has a different method to update the routing table. This will affect the time to converge the routing tables.

  • Technology: The two main methods are Distance Vector and Link-State. Distance vector protocols use a distance value that is based on the number of hops (devices along the path) to the destination. Distance vector protocols usually send the whole routing table to their neighbors as soon as there is an update. Link-state protocols use information sent from all the connected devices and are related only to the directly connected networks. Link-state protocols also take into account other factors when making routing decisions such as bandwidth. The routing information is sent in incremental form.

  • Support for CIDR: Routing protocols include classful protocols that do not send subnet mask information with their routing updates. With the other kind (classless routing) a series of addresses can be combined into one entry also because subnet mask information is transmitted.

The following table contains a comparison of three widespread routing protocols: RIP, OSPF, and BGP.

Protocol

RIP (v2)

OSPF

BGP

Technology

Distance Vector

Link-state

Distance vector (path vector)

CIDR

Yes

Yes

Yes

Update

30 seconds plus triggered

30 minutes plus triggered

Triggered

Metric

Hop

Cost

Path attributes

Scalability

15 hops

Around 50 routers per area, a few hundred areas

Thousands of routers

Routing protocols are also divided into two categories that determine the most suitable use scenario:

  • Exterior routing protocols: Best used to distribute routes between different companies or organizations (BGP).

  • Interior routing protocols: Designed to distribute routes inside a single organization (RIP and OSPF).

Each of the protocols listed has its own method of operation. RIP is less complex to manage, but due to its characteristics, it can be considered suitable only for networks of very small dimensions. OSPF and BGP are more complex but will give a much greater scalability. Being the most commonly used protocol, OSPF will be the routing protocol explained in the text.

Visually different images
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Getting Started with FortiGate
End of Section 1
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon