Vpn
•Download as PPTX, PDF•
2 likes•434 views
This document provides an overview of the features included in FortiOS 5.2, including IPsec and SSL VPN capabilities, SSL offloading and inspection, and virtual desktop features for SSL VPN. Key capabilities mentioned are IPsec and SSL VPN configurations, customizable SSL VPN portals, application control and host checking for virtual desktops, and SSL traffic inspection options. Contact information is also provided for certified experts in Fortinet products.
More Related Content
What's hot
What's hot (20)
Similar to Vpn
Similar to Vpn (20)
More from Lan & Wan Solutions
More from Lan & Wan Solutions (20)
Recently uploaded
Recently uploaded (20)
Vpn
- 1. © Copyright Fortinet Inc. All rights reserved. Inside FortiOS VPN Versione 5.2.4 – Mar 2015 Lan & Wan Solutions – Soluzioni Informatiche per Reti Locali e Geografiche
- 3. 3 FortiOS 5.2 Feature Set ATP OSS Support AAA Central Mgmt. Integrations Configuration Visibility Log & Report Diagnostics Management Anti-Malware IPS Application Control Web Filtering Email Filtering Firewall VPN DLP User & Device Identity SSL inspection Security Functions Wireless Controller Switch Controller Endpoint Manager Token Server Vulnerability Scanner Extensions :::::::::: Virtual Domains :::::::::: Virtual Systems Routing NAT/CGN WAN Link / Server LB Wan Optimization Network Functions L2/Switching IPv6 QoS High Availability NAT/Route Transparent Sniffer Operating Modes LAN WiFi WAN Network Interface Physical Appliance (+ASICS) Hypervisor Cloud Platform * Features may varied by models
- 4. 4 Overview VPN IPSEC VPN Standard Based Protocol Support Policy and route based configurations Hub-and-Spoke, mesh VPN architectures Redundant tunnels Spilt Tunneling Remote VPN with FortiClient VPN Wizard SSL VPN Web and Tunnel Mode Customizable Portal with bookmarks Virtual Desktop & Host Check Other VPN Features L2TP (Microsoft) & GRE Hardware Acceleration* No Additional Licenses required Integrates with UTM functions protects Internal resources against remote traffic SSL VPN Portal *applicable to supported models
- 5. 5 Wizard Step-by-step Guided IPSEC configurations » Custom defined » Predefined Templates Covers authentication & Network settings » No need to create separate phase1 objects for different user groups as authorization is handled by Firewall policy IPSEC VPN
- 6. 6 Web Application Mode • Support via Java Applets • Limited application support: HTTP/HTTPS, FTP, SMB/CIFS, TELNET, SSH, VNC, RDP, Citrix • Ease of use Access Modes Tunnel Mode • Support via SSL VPN Client, requires download & install • Unlimited L3 application support SSL VPN Port Forward Mode • Support via Java Applets • Extends applications supported by web application mode • Does not need admin privilege to install and run
- 7. 7 SSL VPN Portal Customized header, logo, themes and page layout Customized Widgets Tunnel Mode Widget SSL VPN Web Mode bookmarks Session Stats and status
- 8. 8 SSL VPN Portal User group based portal access Ability for MSP to create and set different portal access without using VDOMs » URL path (i.e. suffix to bind to), Max concurrent users, Custom login page Custom login profile selection on per SSL VPN usergroup policy SSL VPN https://sslvpn/customerA/ https://sslvpn/customerB/
- 9. 9 Virtual Desktop CLI Command Available for Windows terminals only SSL VPN Application Control: • Controls which applications users can run on their virtual desktop. • By creating a list of either allowed or blocked applications which you then select when you configure the virtual desktop. • Application Definitions is by MD5 Signatures Host Check: • Enforces the client’s use of antivirus or firewall software, • Offers predefined list which can be edited • Customized applications can be added with globally unique identifier (GUID) • Windows patch check (on CLI only) allows admin to define the minimum Windows version and patch level allowed » Supports Windows 2000, XP, Vista & 7 File Access: • Completely isolates the SSL VPN session from the client computer’s desktop environment • All data is encrypted, including • cached user credentials • browser history • cookies • temporary files and user files created during the session. • When the SSL VPN session ends normally, the files are deleted.
- 10. 10 Single Sign-on Available on Admin defined Web-Mode HTTP/HTTPS bookmarks Allow user to log into the SSL VPN without having to enter any more credentials to visit preconfigured website 2 Modes: » Automatic - Use user’s SSL VPN credentials for login » Static - Fill in the login credentials as defined by specified field name SSL VPN
- 11. 11 Overview SSL Offloading & Inspection SSL Offloading SSL Offloading for WANOPT & reverse web caching SSL Offloading for SLB SSL Inspection Facilitate UTM on SSL encrypted applications “SSL Cert Inspection” and “Full SSL Inspection” modes Intercept and proxy SSL encrypted Traffic for UTM for more security SSL offloading from web servers to economical secure web access offering SSL Inspection Option
- 12. 12 Overview SSL Inspection Exemptions Allows admin to build exclusion list using » Web Categories with defaults » (Destination) Address Object - FQDN or IP addresses Applicable to both “SSL Cert Inspection” and “Full SSL Inspection” modes SSL Offloading & Inspection
- 13. 13 Contattaci Gratuitamente … Certified experts in Fortimail and email security Certified experts in Fortiweb and web application firewall protection Certified experts in FortiAp, FortiWifi and wireless security CONTACTS Tel. +39 049 8843198 DIGIT (5) contacts@lanewan.it www.lanewan.it In questi anni di partnership con la casa madre, Lan & Wan Solutions ha ottenuto tutte le specializzazioni previste nei vari iter di certifica- zione, raggiungendo la qualifica di Partner Of Excellence.