Fortinet black logo

Administration Guide

Workflow

Workflow

Begin with How to set up your FortiWeb for your initial deployment. These instructions guide you to the point where you have a simple working configuration.

Ongoing use is located in subsequent chapters, and includes instructions for processes including:

  • Backing up FortiWeb
  • Updating FortiWeb
  • Configuring optional features
  • Adjusting policies if:
  • New attack signatures become available
  • Requirements change
  • Fine-tuning performance
  • Periodic web vulnerability scans if required by your compliance regime
  • Monitoring for defacement or focused, innovative attack attempts from advanced persistent threats (APTs)
  • Monitoring for accidentally blacklisted client IPs

Because policies consolidate many protection components, you should configure policies after you've configured those components.

This figure illustrates the general configuration process:

This figure illustrates the configuration process for setting up DoS protection:

  1. Configure anti-DoS settings for each type:
  • Group the settings together into a comprehensive anti-DoS policy (Grouping DoS protection rules).
  • Select the anti-DoS policy in a protection profile, and enable Configuring a protection profile for inline topologies (Configuring a protection profile for inline topologies).
  • Select the protection profile in a server policy (Configuring an HTTP server policy).
  • Workflow

    Workflow

    Begin with How to set up your FortiWeb for your initial deployment. These instructions guide you to the point where you have a simple working configuration.

    Ongoing use is located in subsequent chapters, and includes instructions for processes including:

    • Backing up FortiWeb
    • Updating FortiWeb
    • Configuring optional features
    • Adjusting policies if:
    • New attack signatures become available
    • Requirements change
    • Fine-tuning performance
    • Periodic web vulnerability scans if required by your compliance regime
    • Monitoring for defacement or focused, innovative attack attempts from advanced persistent threats (APTs)
    • Monitoring for accidentally blacklisted client IPs

    Because policies consolidate many protection components, you should configure policies after you've configured those components.

    This figure illustrates the general configuration process:

    This figure illustrates the configuration process for setting up DoS protection:

    1. Configure anti-DoS settings for each type:
  • Group the settings together into a comprehensive anti-DoS policy (Grouping DoS protection rules).
  • Select the anti-DoS policy in a protection profile, and enable Configuring a protection profile for inline topologies (Configuring a protection profile for inline topologies).
  • Select the protection profile in a server policy (Configuring an HTTP server policy).