Workflow
Begin with
“How to set up your FortiWeb” for your initial deployment. These instructions will guide you to the point where you have a simple, verifiably working installation.
Ongoing use is located in the chapters after “How to set up your FortiWeb”. Once you have successfully deployed, ongoing use involves:
• Backups
• Updates
• Configuring optional features
• Adjusting policies if:
• New attack signatures become available
• Requirements change
• Fine-tuning performance
• Periodic web vulnerability scans if required by your compliance regime
• Monitoring for defacement or focused, innovative attack attempts from advanced persistent threats (APTs)
• Monitoring for accidentally blacklisted client IPs
• Using data analytics to show traffic patterns
Except for features independent of policies such as anti-defacement, most features are configured
before policies. Policies link protection components together and apply them. As such, policies usually should be configured last, not first.