Posted: Thu Feb 09, 2006 4:56 pm
Cool. Who do you work for? 
ohh, and btw, the Anti-virii sercive on it kinda sucks... and yea, filtering is quite good
Quake3World
Your world is waiting...
https://www.quake3world.com/forum/
Just bought 5 of these bad boys
Page 1 of 2
Posted: Thu Feb 09, 2006 10:29 pm
i just installed a fortigate 60 at my workplace about ~9 months ago. and i do like it, the interface could use a little work.. but other then that, i have been happy with it..
ohh, and btw, the Anti-virii sercive on it kinda sucks... and yea, filtering is quite good
ohh, and btw, the Anti-virii sercive on it kinda sucks... and yea, filtering is quite good
Posted: Thu Feb 09, 2006 10:39 pm
its set to auto update
yet it hasent loaded.. interesting..
i will load it tonight..
funny thing that i noticed.. i have it configured like so:
and with ~15 clients, and 4 VPN tunnels open, its eating 80% of the on board mem... and i mean the traffic is about ~15/ksec and its simple SQL or HTTP transactions going through the thing..
Meh, Lets see what the new firmware has in store for me..
thanks for the heads up, and have fun with your new toys.
yet it hasent loaded.. interesting..
i will load it tonight..
funny thing that i noticed.. i have it configured like so:
Code: Select all
SDSL-> Forti - ( 3 lines ) -> 3 Servers
|_->Unmanaged Switch -> Clients
Meh, Lets see what the new firmware has in store for me..
thanks for the heads up, and have fun with your new toys.
Posted: Thu Feb 09, 2006 11:14 pm
Interesting.. Is that MIME filtering? File types at the App layer?
Cos if so, it's pretty tasty for the price point..
Cos if so, it's pretty tasty for the price point..
Posted: Thu Feb 09, 2006 11:56 pm
btw, i cant find the 3.0 Firmware... :/
btw godlike, yes and yes.
btw godlike, yes and yes.
Posted: Fri Feb 10, 2006 2:42 am
i will just wait for it to hit there FTP as per usuall, No big rush
Posted: Fri Feb 10, 2006 5:36 pm
This might just be the product I've been looking for. Thanks Riddla :icon14:
Posted: Fri Feb 10, 2006 7:40 pm
nice package... not really a fan of subscriptions, but it seems you can't stray from them these days. What happens if it lapses? Do you manage your own content filters or does the feature become disabled? I like the deep packet inspectionish filtering too.
Oooh, 100 MBPS throughput with 40 3DES for a sub 2000 tag? hmm not bad...
Oooh, 100 MBPS throughput with 40 3DES for a sub 2000 tag? hmm not bad...
Posted: Sat Feb 11, 2006 1:03 am
thus far, i have not had a hiccup fro mthe thing.. then again the most stressfull thing that it has to do is VPN tunnel's
it gives quite a bit of configurability, it also allows AutoFirmware update, Auto Virii updates ( for routers and clients.. it will store it in its cach ), etc etc..
it bascially a we'll managed Micro Unix box.
it gives quite a bit of configurability, it also allows AutoFirmware update, Auto Virii updates ( for routers and clients.. it will store it in its cach ), etc etc..
it bascially a we'll managed Micro Unix box.
Posted: Sat Feb 11, 2006 4:18 am
How extensive is the content filtering? Is the list of blocked sites definition-based? Can you define categories to be blocked (eg. webmail, porn, hacking sites, etc)?
Posted: Sat Feb 11, 2006 5:19 am
pictures worth 1000 words
Posted: Sat Feb 11, 2006 5:04 pm
btw, you dont need to do anything really to get the filters working, no routing process's, No nothing, they are pritty much ready to go in the box and they watch the traffic that pass's through it and catches it..
it also gives the option to not allow certan file Extentions to be blocked. ( I.E .BAT, .EXE, .ZIP, .torrent etc )
if you guys have any more q's or anything, i can log in ( through the pwn ass remote web interface ) and take some screenies
it also gives the option to not allow certan file Extentions to be blocked. ( I.E .BAT, .EXE, .ZIP, .torrent etc
)if you guys have any more q's or anything, i can log in ( through the pwn ass remote web interface ) and take some screenies
Posted: Sat Feb 11, 2006 6:28 pm
Posted: Sat Feb 11, 2006 7:10 pm
Posted: Tue Feb 14, 2006 2:46 am
right on amidy, ups for you guys sharing this, I'm getting ready to toss my Pix 515e because of hardware issues and am more interested the further I dig into this thing. Both seem to have enterprise-level protection for a low-budget system. Amidy, what's a yearly subscription cost for the whole 9 yards on a 60 and how many vpn client licenses do you get? Looks like it's unlimited IKE peers (remote vpn gateways) as well as internal clients, have you tried setting up off-brand peer tunnels, or just the vpn portion?
Posted: Tue Feb 14, 2006 2:52 am
allllright, back up!
we have 15 VPN licences, So that allows for 15 VPN Tunnels to me made ( i.e. install the app as much as you want, only 15 tunnels can be used at once )
i am not sure about the $$ as the boss got this, and dropped it on my lap.
we have 15 VPN licences, So that allows for 15 VPN Tunnels to me made ( i.e. install the app as much as you want, only 15 tunnels can be used at once
) i am not sure about the $$ as the boss got this, and dropped it on my lap.
Posted: Tue Feb 14, 2006 2:54 am
Posted: Tue Feb 14, 2006 4:01 pm
thanks :icon14: that got me what I needed.AmIdYfReAk wrote:all the cost's are here mang
http://www.fortiwall.com/productcart/pc ... tegory=666
Posted: Fri Feb 24, 2006 6:00 am
Looks nice. :icon14:
Is the memory util. so high because you don't have a disk dedicated to log storage possibly?
Is the memory util. so high because you don't have a disk dedicated to log storage possibly?
Posted: Fri Feb 24, 2006 3:32 pm
I've got a 60M on order for a remote site :iconthumbsup:
Posted: Sun Feb 26, 2006 5:33 pm
nice eh?
i love it when i had msn blocked... people where less then pleased.
i love it when i had msn blocked... people where less then pleased.
Posted: Sun Feb 26, 2006 10:29 pm
*waits for the new fiemware to hit the 60's*Posted: Wed Mar 15, 2006 5:30 pm
very happy with the 60 overall.. some observations:
keyword/url filtering should not implicitly override 'allow all from host' rules (which by the way have no effect if there's a deny from all hosts below it--very different from checkpoint or cisco).
In 3.0 I hope they tweak the spam filters, and maybe include pop3s and imaps proxy filters, as well.
other than that, with dumped syslog data every day, it's every bit as effective as any solution I've used short of ssl-based proxy/vpn aggregators.
and the firmware upload via https is brilliant.
keyword/url filtering should not implicitly override 'allow all from host' rules (which by the way have no effect if there's a deny from all hosts below it--very different from checkpoint or cisco).
In 3.0 I hope they tweak the spam filters, and maybe include pop3s and imaps proxy filters, as well.
other than that, with dumped syslog data every day, it's every bit as effective as any solution I've used short of ssl-based proxy/vpn aggregators.
and the firmware upload via https is brilliant.
Posted: Wed Mar 15, 2006 11:54 pm
do you know if there's compression being used? Due to the latency-crushing kickassedness of zlib, I'm torn between the reluctance to sacrifice an openvpn solution and my nagging fear of the grim PChardware Reaper. If you're not sure don't sweat it, man-- I'll do some searching this weekend.
Posted: Thu Mar 16, 2006 1:50 pm
thanks :icon11: