Tag Archives: fortinet client

Edit in CLI

Edit in CLI

Available in the following locations among others in the FortiOS GUI you can select the Edit in CLI option to edit an item in the CLI. Editing an item is the CLI is available from the following locations

  • Firewall policy
  • Firewall address
  • Firewall service
  • Firewall schedule
  • Traffic shaper
  • Shaping policy
  • Policy route
  • Static route
  • Managed FortiAP

For example, if you are looking at a Firewall policy on the GUI and select Edit in CLI, the CLI console opens up inside the CLI configuration of the same policy. Some configurations options are only available from the CLI and this control allows you to easily edit specific items without having to find the item in the CLI.

 

Full screen mode

Full screen mode

You can use the Full Screen Mode button (between the online help button and the admin menu) to toggle full screen mode. In full screen mode the GUI menu and header are hidden the full browser window is taken up by the current GUI page. You can select the Exit Full Screen mode any time to return to the normal GUI arrangement.

Changing the GUI theme

Changing the GUI theme

You can go to System > Settings > View Settings and select a Theme. You can also use the following CLI command to change the GUI theme. The following command shows how to change the GUI to use the red theme:

config system global set gui-theme red

end

FortiOS 6_4 Red Theme

FortiOS 6_4 Red Theme

New options for editing policies from the policy list

New options for editing policies from the policy list

All of the security policy lists (Policy & Objects > IPv4 and so on) have new options for controlling the columns displayed for policies, for editing policies, and for accessing FortiView data or log messages generated by individual policies. You can access these options clicking or right-clicking on the policy list header or on individual policies.

For example, as shown below if you click on the Security Profiles settings for a policy a list of categories and profiles appears on the left of the GUI. The list highlights the security profile options added to the policy. You can select a profile option to add it to a policy. You can deselect an option to remove it from a policy. Similar lists are available to select addresses, services, user groups, devices, and so on.

FortiOS 5_4_0 New GUI Policies

FortiOS 5_4_0 New GUI Policies

GUI Refresh

GUI Refresh

The FortGate GUI now uses a new flat GUI design and framework that incorporates a simplified and modern look and feel. In addition to the new look, options have been moved around on the GUI menus:

  • New Dashboard and FortiView top level menus.
  • New top level Network menu includes networking features such as interfaces, DNS, explicit proxy, packet capture, WAN links (WAN load balancing), static routing, policy routing, dynamic routing (RIP, OSPF, BGP) and multicast routing.
  • New top level Monitor menu collects monitoring functions previously distributed throughout the GUI.Some former monitoring features, such as security profile-related monitoring, are now available in FortiView.
  • The GUI menu now has two levels only. For example the menu path for accessing IPv4 firewall policies is Policy & Objects > IPv4.
  • The new administrator’s menu (upper right) provides quick access to change the administrator’s password , backup the FortiGate configuration, access the CLI console and log out.
  • Most individual GUI pages have also been enhanced with new view options and more information.
  • Some functionality has moved around in the GUI. For example, Proxy Options and SSL/SSH Inspection moved from Policy & Objects to Security Profiles.
FortiOS 5_4_0 New GUI

FortiOS 5_4_0 New GUI

Proxy mode and flow mode antivirus and web filter profile options

Proxy mode and flow mode antivirus and web filter profile options

The following tables list the antivirus and web filter profile options available in proxy and flow modes.

 

Antivirus features in proxy and flow mode  
Feature Proxy Flow
 

Scan Mode (Quick or Full)

 

no

 

yes

 

Detect viruses (Block or Monitor)

 

yes

 

yes

 

Inspected protocols

 

yes

 

no (all relevant protocols are inspected)

 

Inspection Options

 

yes

 

yes (not available for quick scan mode)

 

Treat Windows Executables in Email Attachments as Viruses

 

yes

 

yes

 

Include Mobile Malware Protection

 

yes

 

yes

 

Web Filter features in proxy and flow mode

 

Feature                                                                                                       Proxy  Flow
 

FortiGuard category based filter                                                                         yes       yes (show, allow, monitor, block)

 

Category Usage Quota                                                                                       yes       no

 

Allow users to override blocked categories (on some models)                            yes       no

 

Search Engines                                                                                                   yes       no

   

Enforce ‘Safe Search’ on Google, Yahoo!, Bing,      yes       no

Yandex

 

YouTube Education Filter                                        yes       no

 

Log all search keywords                                           yes       no

 

Static URL Filter                                                                                                  yes       yes

   

Block invalid URLs                                                   yes       no

 

URL Filter                                                                yes       yes

 

Block malicious URLs discovered by FortiSand-      yes       yes box

 

Web Content Filter                                                  yes       yes

 

Rating Options                                                                                                    yes       yes

   

Allow websites when a rating error occurs               yes       yes

 

Rate URLs by domain and IP Address                     yes       yes

 

Block HTTP redirects by rating                                yes       no

 

Rate images by URL                                               yes       no

 

Proxy Options                                                                                                      yes       no

Feature Proxy  Flow

Restrict Google account usage to specific domains

Provide details for blocked HTTP 4xx and 5xx errors

yes       no

yes       no

HTTP POST Action                                                 yes       no

 

Remove Java Applets Remove ActiveX                   yes       no

 

Remove Cookies                                                     yes       no

 

Filter Per-User Black/White List                               yes       no