Fortinet’s FortiGate-224B is a security appliance for Windows systems that also acts as a Layer 2 switch or router. It has anti-virus, intrusion detection and prevention, anti-spam and web content filtering capabilities, and also supports IP security (IPsec) and Secure Sockets Layer (SSL) virtual private network (VPN) connections.
Our test model arrived at the labs in so-called trusted mode and it was simple to connect it to our BT ADSL router. The 224B has two 10/100Mbit/s WAN interfaces, giving firms redundant access to the internet, an RJ-45 management console port, two gigabit ports, and 24 10/100Mbit/s ports. The appliance can also be set up to act as a router.
The default IP address is 192.168.1.99, and initial setup was achieved by connecting a standard Windows XP Professional system with an IP address on the same subnet using one of the LAN ports. After connecting the device to our router, we set about configuring it to protect our Windows 2003 Server system and several client systems. We managed the 224B locally as well as remotely over a Secure Shell (SSH) connection and also by connecting to the appliance through a workstation using a LogMeIn Pro account.
Once the system was operating correctly we could back up its configuration into a separate folder on our management PC or onto a USB device. Saved configurations can also be encrypted and password protected for extra security.
We had a few problems configuring the appliance remotely, and at one point inadvertently managed to block off access to the appliance completely.
The interface is good, although the wealth of features makes it seem a little cluttered. Also, performance can suffer if too many Layer 7 functions, such as email inspection, are turned on.
The 224B has a clientless port-based security profile system. We used this to restrict network access to systems running Windows XP and specific third-party firewall and anti-virus packages. The 224B only supports Windows and so is not recommended for firms running a mix of operating systems.
Once the client profile is specified, it must be applied using the Strict Policy function, which can be set up to quarantine clients that are “out of policy”. Users who are denied access are directed to Fortinet’s remediation portal, which provides resources to help them meet the desired security requirements. Meanwhile, the Dynamic Policy option quarantines systems if a security event is detected after network access has been granted.
Security events detected by the device can also be forwarded to firms’ pre-defined syslog servers for event analysis or to Fortinet’s dedicated FortiAnalyzer appliance.








