Packet Flow of FortiGate Firewall

Packet flow of Fortigate firewall-

When a packet is received by a Fortinet firewall, it goes through a series of processing steps, known as the “packet flow,” before it is either forwarded to its destination or dropped. The packet flow is designed to ensure that all packets are thoroughly inspected and that only legitimate traffic is allowed to pass through the network.

The packet flow typically follows these basic steps:

Input Interface: The packet is received by the Fortinet firewall on an input interface.

Pre-Routing: The firewall performs a series of initial checks on the packet, such as checking the packet’s MAC address, IP address, and VLAN tag.

Routing: The firewall looks up the packet’s destination IP address in its routing table to determine the next hop.

Policy Lookup: The firewall checks the packet against the security policy to determine if it is allowed to pass through the network.

Firewall Processing: The firewall performs additional checks on the packet, such as antivirus scanning, intrusion prevention, and web filtering.

Output Interface: If the packet is allowed to pass through the network, it is sent out on the appropriate output interface.

Dropping: If the packet is not allowed to pass through the network, it is dropped.

It is important to note that the above-explained steps are a general representation of the packet flow, and it can vary depending on the features enabled on the firewall and the security policies in place.

Fortigate firewall packet flow consists of the following modules:

Step#1 Ingress packet flow

•Interface TCP/IP stack

•DoS Sensor

•Interface policy

•IP integrity header checking

•IPsec VPN

•Destination NAT (DNAT)

•Routing

Step#2 Stateful inspection

•Local Management Traffic

•Policy Lookup

•Session Tracking

•Session helpers

•SSL VPN

•User Authentication

•Traffic Shaping

Step#3 Security Features

Flow-based inspection

•IPS

•Application Control

•Web Filter

•DLP

•Antivirus

Proxy-based inspection

•VoIP Inspection

•DLP

•Email Filter

•Web Filter

•Antivirus

•ICAP

Step#4 Egress packet flow

•IPsec VPN

•Source NAT (SNAT)

•Routing

•Interface TCP/IP stack