KEMBAR78
FortiMail 02 System Configuration | PDF | Email | Cyberwarfare
Scribd
Upload
272 views16 pages

FortiMail 02 System Configuration

This document provides an overview of system configuration options for FortiMail email filtering appliances. It describes how to configure initial settings, interfaces, routing, administration, logging and SNMP using both the CLI and web UI.

Uploaded by

yousef512
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
272 views16 pages

FortiMail 02 System Configuration

This document provides an overview of system configuration options for FortiMail email filtering appliances. It describes how to configure initial settings, interfaces, routing, administration, logging and SNMP using both the CLI and web UI.

Uploaded by

yousef512
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 16

221 - FortiMail Email Filtering

System Configuration

System Configuration
Module 2

2013 Fortinet Inc. All rights reserved.


The information contained herein is subject to change without notice. No part of this publication including text, examples, diagrams
1
or illustrations may be reproduced, transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical
or otherwise, for any purpose, without prior written permission of Fortinet Inc. 06-50000-0221-20130726

Module Objectives
By the end of this module, you will be able to:
Use CLI and web UI administrative interfaces
Configure initial settings on the FortiMail system
Search FortiMail system logs to obtain data

06-50000-0221-20130726

221 - FortiMail Email Filtering

System Configuration

Web Access
Admin Login
https://192.168.1.99/admin

Webmail Login
https://192.168.1.99

Admin Web UI

06-50000-0221-20130726

221 - FortiMail Email Filtering

System Configuration

System Status

Admin Menu
Menu options available in the Admin web UI include the following:

06-50000-0221-20130726

221 - FortiMail Email Filtering

System Configuration

System
Dashboard JAVA Based Console
Provides direct access to the command line interface via the web GUI

Login Customization

06-50000-0221-20130726

221 - FortiMail Email Filtering

System Configuration

Context Sensitive On-line Help

Basic and Advanced Mode


Basic Mode
Commonly used options only
Day-to-day operation

Advanced Mode
Full set of menu options

10

06-50000-0221-20130726

221 - FortiMail Email Filtering

System Configuration

CLI Tree
Command

Object

config

system interface
Table

Subcommand
edit

<port_name>

Option

set status {up | down}

Field

set ip
next

<interface_ipv4mask>

end

Value

11

Quick Start Wizard

Effective way to have the unit up and running in no time by configuring


the following parameters:
Default password for the administrator account
Network and time settings
Local host settings
Protected domains
Incoming and outgoing antispam and antivirus
Access control rules for SMTP Relay
Note: The operational mode cannot be set though the Quick Start Wizard
12

06-50000-0221-20130726

221 - FortiMail Email Filtering

System Configuration

Configuring Network Interfaces

13

Link Status Propagation


Link status of a port is
propagated to other port(s)
Status of an interface is
linked to the status of another
interface
If associated interface is
down, the interface goes
down too

14

06-50000-0221-20130726

221 - FortiMail Email Filtering

System Configuration

Link Status Propagation


MTA
3.

FORTIMAIL IS
REMOVED FROM
THE LB POOL

2. STATUS
PROPAGATION

If the outgoing interface is


down FortiMail unit will
disable the incoming
interface and vice-versa
Downstream load-balancer:
Detects the failure
Removes the appliance from
the LB algorithm to stop mail
forwarding

1. FAILURE
DETECTION

Sends messages to other units


available in the pool

15

Configuring Routing

16

06-50000-0221-20130726

221 - FortiMail Email Filtering

System Configuration

Route Selection
The destination IP address is compared to those of the static routes to
determine which route a packet will take
The most specific route will always be chosen
If there is more than one specific route available in the routing table,
the FortiMail unit will apply the route with the smallest index number
The index number is a unique value used to identify a route entry in
the routing table and can be determined with the following CLI
command:
get system route

17

DNS Settings
Primary and secondary DNS can be configured using the web UI or the CLI

CLI Configuration:
config system dns
set primary 10.0.1.1
set secondary 208.91.112.52
end

18

06-50000-0221-20130726

221 - FortiMail Email Filtering

System Configuration

Administration Options

19

Access Profiles
Access Profiles are used to:
Control which areas an administrator can access
Define the level of permissions in that area

20

06-50000-0221-20130726

10

221 - FortiMail Email Filtering

System Configuration

Password Policies
Enforce complex passwords
Apply to administrators, webmail and IBE users

21

Admin Authentication
Authentication types supported include local, RADIUS,
RADIUS+Local, PKI and LDAP

22

06-50000-0221-20130726

11

221 - FortiMail Email Filtering

System Configuration

Enable and Disable Message Services


Allows you to turn SMTP, POP3 or IMAP services ON/OFF
Required for vulnerability and security assessment tests when those
services are not in use
CLI configuration:
config system mailserver
set smtp-service enable|disable
set pop3-service enable|disable
set imap-service enable|disable

23

FortiMail Log Types


The following types of log messages can be recorded:
History
Emails handled by the FortiMail unit

Event
System and admin related logs

Antivirus
Virus detection and inspection logs

Antispam
Spam related messages

Encryption
Encryption subsystem such as IBE and S/MIME

24

06-50000-0221-20130726

12

221 - FortiMail Email Filtering

System Configuration

Log Message Severity Levels

Levels

Description

0 Emergency

System unstable

1 Alert

Immediate action required

2 Critical

General functionality affected

3 Error

Error condition exists

4 Warning

Functionality could be affected

5 Notification

Notification about normal events

7 Information

General system operation

25

History Log Disposition and Classifier


Disposition and Classifier are used to provide extra information
regarding email processing
Disposition defines the action taken by the FortiMail unit
Classifier explains why such action was taken

For a complete list of Dispositions and Classifiers, refer to the FortiMail


Admin Guide
26

06-50000-0221-20130726

13

221 - FortiMail Email Filtering

System Configuration

Logging Storage
Log messages can be
logged to local disk
(default option) or to a
remote device (for
example, FortiAnalyzer
system, generic syslog)
Different logging
policies can be
configured based on the
logging location

27

Log Message Correlation


Since different types of log files record different activities, the same
SMTP session may be logged in different types of log files
Click on the Session ID link to display all the logs generated for a
specific SMTP session

28

06-50000-0221-20130726

14

221 - FortiMail Email Filtering

System Configuration

Reports
Reports can be
generated directly
from the FortiMail Unit
Generated reports
appear in Monitor >
Reports

29

SNMP
SNMP agent can be enabled on the FortiMail unit to generate SNMP
traps when certain system events or thresholds have been reached
Up to three SNMP communities can be configured on the FortiMail unit

30

06-50000-0221-20130726

15

221 - FortiMail Email Filtering

System Configuration

SNMP Support
SNMP message integrity, authentication and encryption

SNMP v1, v2c

SNMP v3

31

SNMP v3 Configuration

32

06-50000-0221-20130726

16

You might also like