This guide explains how to use a FortiGate in Transparent Mode, including using the unit as an Internal Segmentation Firewall (ISFW).
What is Transparent Mode?
A FortiGate unit can operate in one of two modes: Transparent or NAT/Route mode.
In Transparent mode, the FortiGate is installed between the internal network and the router. In this mode, the FortiGate does not make any changes to IP addresses and only applies security scanning to traffic. When a FortiGate is added to a network in Transparent mode, no network changes are required, except to provide the FortiGate with a management IP address. Transparent mode is used primarily when there is a need to increase network protection but changing the configuration of the network itself is impractical.
In NAT/Route mode, a FortiGate unit is installed as a gateway or router between two networks. This allows the FortiGate to hide the IP addresses of the private network using network address translation (NAT).
A Network with a FortiGate unit in Transparent mode