Fortinet black logo

Handbook

Services

6.0.0
Copy Link
Copy Doc ID 4afb0436-a998-11e9-81a4-00505692583a:39633
Download PDF

Services

While there are a number of services already configured within FortiOS, the firmware allows for administrators to configure their own. The reasons for doing this usually fall into one or more of the following categories:

  • The service is not common enough to have a standard configuration
  • The service is not established enough to have a standard configuration
  • The service has a standard port number but there is a reason to use a different one:
    • Port is already in use by another service
    • For security reasons, want to avoid standard port

When looking at the list of preconfigured services it may seem like there are a lot, but keep in mind that the theoretical limit for port numbers is 65,535. This gives a fairly good sized range when you are choosing what port to assign a service but there are a few points to keep in mind.

  • Most of the well known ports are in the range 0 - 1023
  • Most ports assigned by the Internet Corporation for Assigned Names and Numbers (ICANN) will be in the 1024 - 49151 range
  • Port numbers between 49,152 and 65,535 are often used for dynamic, private or ephemeral ports.

There are 3 Service objects that can be added and configured:

  • Categories
  • Services
  • Service Groups

Services

While there are a number of services already configured within FortiOS, the firmware allows for administrators to configure their own. The reasons for doing this usually fall into one or more of the following categories:

  • The service is not common enough to have a standard configuration
  • The service is not established enough to have a standard configuration
  • The service has a standard port number but there is a reason to use a different one:
    • Port is already in use by another service
    • For security reasons, want to avoid standard port

When looking at the list of preconfigured services it may seem like there are a lot, but keep in mind that the theoretical limit for port numbers is 65,535. This gives a fairly good sized range when you are choosing what port to assign a service but there are a few points to keep in mind.

  • Most of the well known ports are in the range 0 - 1023
  • Most ports assigned by the Internet Corporation for Assigned Names and Numbers (ICANN) will be in the 1024 - 49151 range
  • Port numbers between 49,152 and 65,535 are often used for dynamic, private or ephemeral ports.

There are 3 Service objects that can be added and configured:

  • Categories
  • Services
  • Service Groups