Traditionally, network security (firewalls to block unauthorized users, Intrusion Prevention Systems (IPS) to keep attackers out, Web filters to avoid misuse of Internet browsing, and antivirus software to block malicious programs) required separate boxes with increased cost and complexity. Unified Threat Management (UTM) makes network security less complex, cheaper, and more effective by consolidating all these components. This book explains the advantages of using UTM and how it works, presents best practices on deployment, and is a hands-on, step-by-step guide to deploying Fortinet's FortiGate in the enterprise. 

Key Features

  • Provides tips, tricks, and proven suggestions and guidelines to set up FortiGate implementations
  • Presents topics that are not covered (or are not covered in detail) by Fortinet’s documentation
  • Discusses hands-on troubleshooting techniques at both the project deployment level and technical implementation area


Network administrators, Information security managers, Network security architects, Computer security and data security professionals

Table of Contents

  • Dedications
  • Acknowledgements
  • About The Author
  • Foreword
  • Preface
  • Intended Audience
  • Organization of this book
  • Section I - General Introduction
    • Chapter 1. Introduction to UTM (Unified Threat Management)
      • Introduction
      • Unified Threat Management (UTM) Foundations
      • Solving Problems with UTM
      • Current UTM Market Landscape
      • Evolution and Future of UTM
    • Chapter 2. FortiGate Hardware Overview
      • FortiGate Hardware Overview
      • FortiGate Custom Hardware Accelerations Overview
      • The ‘Black Art’ of FortiGate Sizing
      • Centralized Management Platform Overview
      • Fortinet Product Portfolio
      • References
    • Chapter 3. FortiOS Introduction
      • Fortios Architecture
      • System Options
  • Section II: UTM Technologies Explained
    • Chapter 4. Connectivity and Networking Technologies
      • Operating Modes
      • Connectivity
      • Routing
      • Servicing users
      • Virtual Domains (VDOM)
      • High Availability
    • Chapter 5. Base Network Security
      • Firewall
    • Chapter 6. Application Security
      • FortiGuard
      • Application Control
      • Network Antivirus/AntiSpyware
      • Intrusion Protection (IPS)
      • Web Filtering
    • Chapter 7. Extended UTM Functionality
      • Introduction
      • WAN Optimization
      • Web Caching
      • Endpoint Control
      • Data Leak Prevention (DLP)
      • Vulnerability Scan
      • References
    • Chapter 8. Analyzing your Security Information with FortiAnalyzer
      • Configuring the FortiAnalyzer
      • Configuring Reports
      • FortiAnalyzer Generated Alerts
      • Log Aggregation
      • Log Forwarding
      • Log Migration


No. of pages:
© 2013
Electronic ISBN:
Print ISBN:

About the authors

Kenneth Tam

Kenneth Tam, Fortinet Certified Network Security Professional (FCNSP), is a senior security engineer at Fortinet, providing hands-on installation, support, and training to customers in the North Central United States. He has over 15 years' experience in the networking/security field from working with companies such as Juniper Networks, Netscreen Technologies, 3com, and US Robotics.

Martín Hoz Salvador

Martín H. Hoz Salvador, Fortinet Certified Network Security Professional (FCNSP), Certified Information Systems Security Professional (CISSP), and Certified Information Systems Auditor (CISA), is a systems engineering manager for Latin America and the Caribbean at Fortinet. In this capacity he oversees business development from the engineering standpoint, which includes hands-on demonstrations, partners training, and developing technical documentation. He has over 15 years' experience in the networking/security field, and is a regular presenter at security conferences in Latin America and Europe.

Ken McAlpine

Ken McAlpine, Cisco Certified Internetworking Expert (CCIE), Fortinet Certified Network Security Professional (FCNSP), is a senior consulting systems engineer at Fortinet. His areas of interest and expertise include the overall design, security, implementation, and documentation of a secure smart grid network. As an expert in the field, he regularly presents at conferences, including the Smart Grid Interoperability Conference.

Bruce Matsugu

Bruce Matsugu is currently a consulting systems engineer at Fortinet and has been with Fortinet for over 10-years in a variety of roles including technical support, release management, training, and professional services. A graduate of the University of British Columbia in electrical engineering, Bruce worked previously in hardware design for fibre transport telecom systems and multi-service routers, and in project engineering for wireless messaging systems. He currently lives near Vancouver, BC.

Josh More

Josh has over fifteen years of experience in IT, and ten years working in Security. Though today, he primarily works as a security consultant, he has also worked in roles ranging from user to developer to system administrator. He holds several security and technical certifications and serves in a leadership position on several security-focused groups. He writes a blog on security at and As security works best from a holistic approach, he works all angles: risk assessments, posture analysis, incident response, malware analysis, infrastructure defense, system forensics, employee training and business strategy. Josh More works at RJS Software Systems, a national data management and security company.