Fortinet FortiGate 4000 Betriebsanweisung

The FortiGate-4000 model is a chassis 
based system that broadband Service 
providers can use to provide subscriber 
security services such as firewall, VPN, 
and antivirus protection. The 
FortiGate-4000 system scales from 1 to 
10 blades enabling customers to add 
incremental performance. Two basic 
system configurations provides flexibility to meet the network layout of high 
performance networks. The FortiGate-4000 supports high-end features including 
802.1Q VLAN support, redundant hot-swappable power supplies and cooling, and 
stateful failover HA.

FortiGate ICSA-certified antivirus protection scans web (HTTP), file transfer (FTP), 
and email (SMTP, POP3, and IMAP) content as it passes through the FortiGate unit. 
FortiGate antivirus protection uses pattern matching and heuristics to find viruses. If a 
virus is found, antivirus protection removes the file containing the virus from the 
content stream and forwards a replacement message to the intended recipient.

For extra protection, you can configure antivirus protection to block specified file types 
from passing through the FortiGate unit. You can use the feature to stop files that 
might contain new viruses.

FortiGate antivirus protection can also identify and remove known grayware 
programs. Grayware programs are usually unsolicited commercial software programs 
that get installed on PCs, often without the user’s consent or knowledge. Grayware 
programs are generally considered an annoyance, but these programs can cause 
system performance problems or be used for malicious means.

If the FortiGate unit contains a hard disk, infected or blocked files and grayware files 
can be quarantined. The FortiGate administrator can download quarantined files so 
that they can be virus scanned, cleaned, and forwarded to the intended recipient. You 
can also configure the FortiGate unit to automatically delete quarantined files after a 
specified time.

The FortiGate unit can send email alerts to system administrators when it detects and 
removes a virus from a content stream. The web and email content can be in normal 
network traffic or encrypted IPSec VPN traffic.

ICSA Labs has certified that FortiGate Antivirus Firewalls:

• detect 100% of the viruses listed in the current In The Wild List (www.wildlist.org),

• detect viruses in compressed files using the PKZip format,

• detect viruses in email that has been encoded using uuencode format,

• detect viruses in email that has been encoded using MIME encoding,

• log all actions taken while scanning.