Genel, Güvenlik
Fortigate Multiple İnterfaces Policies Nedir ?

Fortigate Multiple İnterfaces Policies Nedir ?

Herkese Merhaba,

Fortigate’ in Multiple İnterfaces Policies özelliğinden bahsedeceğiz. Ne işimize yarar diye düşünürsek normalde source ve destination interface eklediğimiz kuralları düşünün ve onu sources ve destinations olarak değiştirelim kısaca kural kalabalığından kurtarıyor diyebiliriz.

Dezavantaj olarak ise (makalenin sonunda farkı göstereceğim) kural ekranımızdaki default ta gelen INTERFACE PAIR görünümünü kapatıyor ve BY SEQUENCE moduna geçiyor. Çünkü kuralımız tek bir interface olmayacağı için bu ayarlama yapılamıyor.

Örnek olarak bir yere VPN vermek istiyorsunuz. Port1 ve Port2 interfaceleri ayrı networkler olduğunu düşünelim. Bunun için VPN to Port1 ve VPN to Port2 diye 2 ayrı kural yapmam lazım. Bu anlatacağım özellik sayesinde tek kural ile VPN to Port1 and Port2 yapabiliyor olacağım ve tek kural da işimi çözmüş olacağım .

Nasıl yapıldığına geçelim;

İlk olarak System > Feature Select sayfasına gelip MULTIPLE INTERFACE POLICIES özelliğini aktif ediyoruz.

Bunu yaptıktan sonra yeni bir kural oluşturuyoruz.

Gördüğünüz gibi birden fazla source ve destination interface e sahip bir kural oluşturduk ok diyerek kaydediyoruz.

Ve gördüğünüz gibi kuralımız belirlediğimiz portlarla oluştu.

İşinize Yaraması Dileğiyle..

BY SEQUENCE görünümü

INTERFACE PAIR görünümü

Share this Story

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Bu site, istenmeyenleri azaltmak için Akismet kullanıyor. Yorum verilerinizin nasıl işlendiği hakkında daha fazla bilgi edinin.

The Hacker News

  • Quad7 Botnet Expands to Target SOHO Routers and VPN Appliances
    by [email protected] (The Hacker News) on 11 Eylül 2024 at 16:20

    The operators of the mysterious Quad7 botnet are actively evolving by compromising several brands of SOHO routers and VPN appliances by leveraging a combination of both known and unknown security flaws. Targets include devices from TP-LINK, Zyxel, Asus, Axentra, D-Link, and NETGEAR, according to a new report by French cybersecurity company Sekoia. "The Quad7 botnet operators appear to be

  • DragonRank Black Hat SEO Campaign Targeting IIS Servers Across Asia and Europe
    by [email protected] (The Hacker News) on 11 Eylül 2024 at 15:39

    A "simplified Chinese-speaking actor" has been linked to a new campaign that has targeted multiple countries in Asia and Europe with the end goal of performing search engine optimization (SEO) rank manipulation. The black hat SEO cluster has been codenamed DragonRank by Cisco Talos, with victimology footprint scattered across Thailand, India, Korea, Belgium, the Netherlands, and China. "

  • Singapore Police Arrest Six Hackers Linked to Global Cybercrime Syndicate
    by [email protected] (The Hacker News) on 11 Eylül 2024 at 12:07

    The Singapore Police Force (SPF) has announced the arrest of five Chinese nationals and one Singaporean man for their alleged involvement in illicit cyber activities in the country. The development comes after a group of about 160 law enforcement officials conducted a series of raids on September 9, 2024, simultaneously at several locations. The six men, aged between 32 and 42, are suspected of

  • Why Is It So Challenging to Go Passwordless?
    by [email protected] (The Hacker News) on 11 Eylül 2024 at 10:41

    Imagine a world where you never have to remember another password. Seems like a dream come true for both end users and IT teams, right? But as the old saying goes, "If it sounds too good to be true, it probably is."  If your organization is like many, you may be contemplating a move to passwordless authentication. But the reality is that a passwordless security approach comes with its own

  • Developers Beware: Lazarus Group Uses Fake Coding Tests to Spread Malware
    by [email protected] (The Hacker News) on 11 Eylül 2024 at 09:46

    Cybersecurity researchers have uncovered a new set of malicious Python packages that target software developers under the guise of coding assessments. "The new samples were tracked to GitHub projects that have been linked to previous, targeted attacks in which developers are lured using fake job interviews," ReversingLabs researcher Karlo Zanki said. The activity has been assessed to be part of