As a small business owner, protecting your network from external threats is critical. The FortiGate 60F is an excellent choice for providing robust network security with its next-generation firewall (NGFW) capabilities, offering intrusion prevention, VPN support, and high-performance security. However, to ensure you’re getting the most out of your FortiGate-60F, you need to set it up correctly. This comprehensive setup guide will take you through the process, ensuring your device is configured for maximum security and optimal performance.
What is FortiGate-60F?
The FortiGate-60F is a next-generation firewall (NGFW) designed to provide high-performance security for small businesses and branch offices. It combines advanced threat protection with high-speed connectivity and is powered by FortiOS, Fortinet’s proprietary operating system. The FortiGate-60F is equipped with a robust set of security features, such as VPN support, SSL inspection, and SD-WAN, to safeguard your network from a wide range of cyber threats.
Key Features of FortiGate-60F
| Feature | Description |
| Firewall Throughput | 10 Gbps |
| VPN Throughput | 6 Gbps |
| IPS Throughput | 2.4 Gbps |
| SSL Inspection | Yes |
| SD-WAN Support | Yes |
| Concurrent Sessions | 1.5 Million |
| Interfaces | 7 x GE RJ45, 1 x GE SFP, 2 x USB ports |
Step-by-Step FortiGate-60F Setup Guide
Now that you know the features of the FortiGate-60F, let’s walk you through the setup process to ensure your device is properly configured.
1. Initial Setup and Physical Connection
Start by unboxing your FortiGate-60F and physically connecting it to your network. Here’s how to do it:
- Power Up the Device: Connect the power cable to the FortiGate device and plug it into a power source.
- Network Connections: Connect the WAN port (usually labeled as WAN or Internet) to your router or modem. Connect the LAN port to your internal network switch or computer.
- Console Access: If you prefer initial setup through a console connection, use the console cable provided and connect it to your PC.
| Benefit | Description |
| Easy Physical Setup | The device is simple to physically connect to your network and power source. |
| Multiple Ports for Flexibility | Utilize WAN, LAN, and USB ports for flexible connections. |
2. Logging In to FortiOS
Once your device is powered on, you can access the FortiGate-60F’s management interface via a browser:
- Connect Your Computer: Connect your computer to the LAN port of the FortiGate-60F.
- Accessing the Web Interface: Open a web browser and navigate to the default IP address: 192.168.1.99.
- Login Credentials: The default username is admin and the default password is blank (no password).
| Benefit | Description |
| Web Interface for Easy Configuration | Access the device’s settings and configuration through an easy-to-use web interface. |
| Secure Access | Use FortiOS login credentials to ensure only authorized personnel have access. |
3. Initial Configuration
After logging in, you’ll be prompted to perform the initial setup. Follow these steps:
- Change the Admin Password: Set a strong, unique password for the admin account to enhance security.
- Set the IP Address: Change the LAN IP address (if necessary) to align with your network’s subnet.
- Configure DNS Settings: Set up the DNS servers to allow internet access for updates and services.
| Benefit | Description |
| Strong Password Security | Set a strong password to secure the admin account from unauthorized access. |
| Network Configuration Flexibility | Adjust IP and DNS settings to match your network infrastructure. |
4. Configure Firewall Policies
With the FortiGate-60F, you can set up customized firewall policies that dictate what network traffic is allowed or blocked.
- Navigate to Policies: Go to the Policy & Objects section in FortiOS.
- Create New Policy: Define rules for inbound and outbound traffic, specifying the source, destination, and service types.
- Apply Policies: Ensure that policies are applied based on the specific needs of your network—whether it’s allowing web traffic, blocking certain applications, or restricting access to internal resources.
| Benefit | Description |
| Granular Control Over Traffic | Customize firewall rules based on specific network traffic types. |
| Improved Network Security | Block unwanted or potentially harmful traffic while allowing necessary services. |
5. Set Up VPN for Remote Access
The FortiGate-60F supports both IPSec VPN and SSL VPN for secure remote access. Follow these steps to configure a VPN:
- Enable VPN Feature: Go to the VPN section and select IPSec VPN or SSL VPN.
- Configure Remote User Access: Set up remote user accounts with strong authentication methods like two-factor authentication (2FA) for added security.
- VPN Tunnel Setup: If you’re connecting branch offices or remote sites, set up site-to-site IPSec tunnels to securely connect them.
| Benefit | Description |
| Secure Remote Access | VPNs allow employees to securely connect to your network remotely. |
| Flexible VPN Options | Choose IPSec VPN for site-to-site or SSL VPN for remote workers. |
6. Enable SSL Inspection for Encrypted Traffic
The FortiGate-60F provides SSL inspection to detect threats hidden in encrypted traffic. To enable it:
- Navigate to SSL Inspection Settings: Go to Security Profiles > SSL/SSH Inspection.
- Enable Full Inspection: Choose Full SSL Inspection to decrypt and scan encrypted traffic for malicious content.
- Apply SSL Inspection: Apply SSL inspection to the appropriate firewall policies to ensure that traffic is inspected as it flows through the firewall.
| Benefit | Description |
| Enhanced Security for Encrypted Traffic | Prevent threats hidden in SSL/TLS traffic by inspecting all encrypted traffic. |
| Comprehensive Malware Detection | Detect malware or phishing attempts that could otherwise bypass traditional security. |
7. Set Up High Availability (HA) for Redundancy
To ensure network uptime, the FortiGate-60F supports High Availability (HA) configurations. In the event of a failure, a backup unit automatically takes over, ensuring continuous protection.
- Enable HA Mode: Go to System > HA and configure the HA cluster.
- Configure Redundant Devices: Connect a secondary FortiGate unit to create an HA cluster.
- Monitor HA Status: Use the HA status page to monitor the health of your devices and ensure high availability.
| Benefit | Description |
| Continuous Protection | Redundant devices automatically take over if the primary unit fails, ensuring no downtime. |
| Automatic Failover | Provides uninterrupted network security and reliability with minimal disruption. |
FortiGate-60F Setup Checklist
Here’s a quick checklist to ensure your FortiGate-60F is set up correctly:
| Step | Action |
| 1. Initial Device Setup | Power on and connect the device to your network and power source. |
| 2. Access FortiOS | Log in to FortiOS using the default credentials and update settings. |
| 3. Configure Network Settings | Set up the LAN IP, DNS, and gateway settings for your network. |
| 4. Create Firewall Policies | Set up firewall rules to manage inbound and outbound traffic. |
| 5. Configure VPN | Set up IPSec VPN or SSL VPN for remote user access. |
| 6. Enable SSL Inspection | Enable SSL inspection to scan encrypted traffic for hidden threats. |
| 7. Set Up HA | Set up High Availability for network redundancy and uninterrupted protection. |
| 8. Monitor and Optimize | Use FortiOS logs and monitoring tools to track performance and security. |
Conclusion: FortiGate-60F Setup for Optimal Security
In conclusion, setting up your FortiGate-60F for optimal protection is a straightforward process when you follow the steps outlined in this guide. By configuring your firewall settings, enabling VPNs, setting up SSL inspection, and leveraging High Availability for redundancy, you can ensure that your network is secure, reliable, and protected against a wide range of cyber threats. The FortiGate-60F offers a high-performance, affordable solution that is easy to manage, making it an ideal choice for small businesses looking to strengthen their network security. With the right setup, you can unlock its full potential and keep your network safe, scalable, and high-performing.
System Integrator offers comprehensive IT solutions worldwide for both business and public entities. Acquire Cisco routers, Cisco switches, and additional IT products through our range.
