Fortinet FortiGuard Unified Threat Protection for FortiGate-51E

1. Уводзіны

The Fortinet FortiGuard Unified Threat Protection (UTP) service provides comprehensive cybersecurity protection for your FortiGate-51E firewall. This service bundle integrates multiple security features to defend against a wide range of cyber threats, ensuring the integrity and availability of your network.

This manual outlines the key features, activation process, operational aspects, and support information for the FortiGuard UTP service.

2. Service Overview

The FortiGuard Unified Threat Protection bundle enhances your FortiGate-51E with advanced web security services, building upon the Advanced Threat Protection (ATP) bundle. It is designed to protect organizations against web-borne threats, including sophisticated DNS-based attacks.

Included Services:

• Сістэма прадухілення ўварванняў (IPS): Блакуе ўразлівасці і эксплойты з дапамогай праверкі сеткавага трафіку.
• Advanced Malware Protection: Blocks known malware, including ransomware, based on signature-based detection.
• Кантроль прыкладанняў: Manages and controls network application usage.
• URL Фільтраванне: Забараняе доступ шкоднасных праграм websites and enforces web usage policies.
• DNS-фільтрацыя: Protects against DNS-based threats.
• Фільтраванне відэа: Filters video content based on policies.
• Anti-Botnet and C2 Communications Services: Detects and blocks communication with command-and-control servers.
• Anti-Spam: Filters unwanted email.
• Sandboxing: Executes suspicious files in an isolated environment to detect zero-day threats.
• Web Application Firewall (WAF): Абараняе web applications from attacks.
• Прадухіленне страты дадзеных (DLP): Блакуе ўцечкі дадзеных і іх выцясненне.
• Inline Malware Prevention: Blocks unknown malware based on behavioral detection.

Малюнак 1: Закончанаview of FortiGuard Security Services.

Figure 2: FortiGuard Security Services Attack Surface Protection.

3. Настройка і актывацыя

The FortiGuard Unified Threat Protection is a subscription service designed for seamless integration with FortiGate firewalls. Activation typically involves applying the provided license key (FC-10-0051E-950-02-12) to your FortiGate-51E device through the Fortinet support portal or the FortiGate management interface.

Крокі актывацыі:

1. Ensure your FortiGate-51E is connected to the internet and has a valid FortiCloud account associated.
2. Log in to the Fortinet Support Portal (support.fortinet.com) with your credentials.
3. Navigate to the 'Asset Management' section and select your FortiGate-51E device.
4. Locate the option to 'Register Product' or 'Activate Services' and enter the provided FortiGuard license key (FC-10-0051E-950-02-12).
5. Follow the on-screen prompts to complete the activation. The FortiGuard services will then be synchronized with your FortiGate device.
6. Verify the activated services within your FortiGate-51E's management interface under the 'System' > 'FortiGuard' section.

No complex hardware configurations or additional installations are typically required for service activation, as it is a software-based subscription.

4. Operating the Services

Once activated, the FortiGuard UTP services operate continuously in the background, providing real-time threat intelligence and protection. Management and configuration of these services are performed directly through the FortiGate-51E's web-based management interface or FortiManager.

Асноўныя аперацыйныя аспекты:

• Policy Configuration: Security policies on the FortiGate can be configured to leverage specific FortiGuard services (e.g., applying IPS profiles, web фільтраванне праfiles, application control policies to firewall rules).
• Real-time Protection: Services like IPS, Advanced Malware Protection, and URL/DNS Filtering actively inspect network traffic and block threats according to configured policies.
• Reporting and Logging: The FortiGate provides detailed logs and reports on detected threats, blocked attempts, and service usage, accessible via the FortiGate GUI or FortiAnalyzer.
• Аўтаматычныя абнаўленні: FortiGuard services receive automated security updates from FortiGuard Labs, ensuring protection against the latest threats without manual intervention.

Figure 3: Unified Threat Protection Bundle Components.

5. Тэхнічнае абслугоўванне

FortiGuard services are designed for low maintenance, with most updates handled automatically by Fortinet's global threat intelligence network, FortiGuard Labs.

Асноўныя мерапрыемствы па тэхнічным абслугоўванні:

• Automated Security Updates: FortiGuard services receive continuous, real-time updates for threat signatures, web filtering categories, and other intelligence to maintain up-to-date protection.
• FortiGate Firmware Updates: While FortiGuard services update independently, it is crucial to keep your FortiGate-51E's firmware updated to ensure compatibility and access to the latest security features and enhancements.
• Палітыка Review: Рэгулярна пераview and adjust your FortiGate security policies to ensure they align with your organization's evolving security requirements and network usage patterns.
• Маніторынг: Monitor FortiGate logs and reports for security events, performance metrics, and service status to identify and address potential issues proactively.

6. Выпраўленне непаладак

Should you encounter issues with your FortiGuard Unified Threat Protection services, consider the following troubleshooting steps:

• Праверце стан ліцэнзіі: Confirm that your FortiGuard UTP license is active and not expired on the Fortinet Support Portal and within your FortiGate-51E's management interface.
• Праверце падключэнне да сеткі: Ensure your FortiGate-51E has stable internet connectivity to reach FortiGuard update servers.
• Review Журналы FortiGate: Праверце сістэмныя журналы і журналы бяспекі вашага FortiGate на наяўнасць паведамленняў пра памылкі або прыкмет збояў у абслугоўванні.
• Звярніцеся да дакументацыі Fortinet: Refer to the official Fortinet documentation and knowledge base for specific troubleshooting guides related to FortiGuard services and FortiGate devices.
• Звяжыцеся са службай падтрымкі FortiCare: If issues persist, contact FortiCare Premium Support for expert assistance. Refer to the 'Support' section for details.

7. Тэхнічныя характарыстыкі

This section details the specific model and service duration for the FortiGuard Unified Threat Protection.

• Мадэль прадукту: FC-10-0051E-950-02-12
• Service Duration: 1 год
• Associated Device: FortiGate-51E
• Included Bundles: Unified Threat Protection (UTP)

Figure 4: FortiGuard Subscription Bundles Comparison.

8. Падтрымка

The FortiGuard Unified Threat Protection bundle includes FortiCare Premium Support Services, ensuring you have access to expert assistance when needed.

FortiCare Premium Support Services:

• Даступнасць: 24x7x365 support via phone, chat, and web.
• Час водгуку: One-hour response times for Priority 1 and Priority 2 inquiries.
• Абнаўленне прашыўкі: Доступ да абнаўленняў прашыўкі.
• Кансольны доступ: Партал кіравання актывамі.
• Падтрымка RMA: Return Merchandise Authorization (RMA) Replacement, eligible for Premium RMA Upgrade.

For most customers, FortiCare Premium provides the appropriate level of support for critical security needs.

Figure 5: FortiCare Premium vs. FortiCare Elite Support Comparison.