Chapter 7 Firewall : Firewall objects : Addresses
Firewall addresses define sources and destinations of network traffic and are used when creating policies. When properly set up these firewall objects can be used with great flexibility to make the configuration of firewall policies simpler and more intuitive. The FortiGate unit compares the IP addresses contained in packet headers with a security policy’s source and destination addresses to determine if the security policy matches the traffic.
The addresses in the FortiGate unit can include:
IPv4 addresses
IPv6 addresses
IPv4 Address Groups
IPv6 Address Groups
IP Pools
Virtual IP Addresses
Geography based addresses
Wildcard addresses and netmasks
Fully Qualified Domain Name addresses
Multicast addresses