FortinetメーカーFortiGate-5000の使用説明書/サービス説明書
ページ先へ移動 of 77
FortiGate-5000 Series Introduction 01-30000-834 66-20090108 FAN TRA Y FAN TRA Y FAN TRA Y 1 3 1 1 975312468 1 0 1 2 1 4 5140 C R IT I C A L R E S E T M A J O R M IN O R U S E R 1 U S E R 2 U S E R 3 5.
FortiGate- 5000 Ser ies Introduc tion 8 January 2009 01-30000-83 466-20090108 © Copyright 2009 Fortine t, Inc. All rights reser ved. No part of this publication including text, examples , diagrams or.
Contents FortiGate-5000 Seri es Intro duction 01-30000-83466-2009 0108 3 http://docs.fortinet.com/ • Feedback Contents Introduction ............... ............................ .......................................... ......... 7 Revision history .
Contents FortiGate-5000 Series Introduction 4 01-30000-83466-200901 08 http://docs.fort inet.com/ • Feed back FortiGate-5050 chassis ......... ............................ ............................ ......... 27 FortiGate-5050 front panel .. .....
Contents FortiGate-5000 Seri es Intro duction 01-30000-83466-2009 0108 5 http://docs.fortinet.com/ • Feedback FortiGate-5001SX security system ............... ............................... ......... 49 Front panel LEDs and connector s ............
Contents FortiGate-5000 Series Introduction 6 01-30000-83466-200901 08 http://docs.fort inet.com/ • Feed back.
Introduction Revision history FortiGate-5000 Series Introduction 01-30000-83466-200901 08 7 Introduction This FortiGate-5000 Series Introductio n is a high-level guide to all three FortiGate-5000 serie s chassis and the boards that you can inst all in them.
FortiGate-5000 Series Introduction 8 01-30000-83466-200901 08 About the FortiGate- 5000 series chassis Introduction About the FortiGate-5000 series chassis The For tiGate-5000 s eries Secu rity System.
Introduction About the FortiGate-5000 series boards FortiGate-5000 Series In troduction 01-30000-83466-2009 0108 9 FortiGate-5020 chassis Y ou can install one or two FortiG ate-5000 se ries boards in the two slot s of the FortiGate-5020 A TCA chassis.
FortiGate-5000 Series Introduction 10 01-30000-83466-200901 08 About the FortiGate-5000 series boa rds Introduction FortiGate-RTM-XB2 module The FortiGate-R TM-XB2 system is a rear transition module (.
Introduction Warnings and cautions FortiGate-5000 Series In troduction 01-30000-83466-2009 0108 11 FortiSwitch-5003 system The FortiSwitch-5003 system provides base backplane communication between FortiGate security boards inst alled in FortiGate -5140 or FortiGate-5050 chassis.
FortiGate-5000 Series Introduction 12 01-30000-83466-200901 08 Warnings and cautions Introduction • T urning of f all power switches may not turn off all po wer to the FortiGate-5000 series equipment. Some circuitr y in the FortiGate-5000 serie s equipment may continue t o operate even thoug h all power switches are off.
Introduction About Data Center DC power FortiGate-5000 Series In troduction 01-30000-83466-2009 0108 13 About Dat a Center DC power The FortiGate-5140 and FortiGate-5050 chassis are desig ned to be installed in a Data Center or similar loca tion that has availa ble -48VDC powe r .
FortiGate-5000 Series Introduction 14 01-30000-83466-200901 08 Register your Fortinet product Introduction Register your Fortinet product Register your Fortinet product to re ceiv e Fortinet cus tomer services such as product updates and tech nical support.
FortiGate-5140-R chassis FortiGate-5000 Seri es Intro duction 01-30000-83466-2009 0108 15 http://docs.fortinet.com/ • Feedback FortiGate-5140-R chassis Y ou can install up to 14 FortiGate-5000 series boards in the 14 front panel slo ts of the FortiGate- 5140 A TCA ch assis.
FortiGate-5140 chassis front panel FortiGate-5140-R chassis FortiGate-5000 Series Introduction 16 01-30000-83466-200901 08 http://docs.fort inet.com/ • Feed back FortiGate-5140 chassis front p anel Figure 1 shows the fron t pane l of a FortiGat e- 5140 chassis.
FortiGate-5140-R chassis FortiGate-5140 chassis back panel FortiGate-5000 Seri es Intro duction 01-30000-83466-2009 0108 17 http://docs.fortinet.com/ • Feedback Also visible on the front of the FortiGate-5140 chassis: • Electrosta tic discharge (ESD) socket, used for conne cting an ESD wrist or ankle band when working w ith the ch assis.
Physical description of the FortiGate- 5140 chassis FortiGate-5140-R chassis FortiGate-5000 Series Introduction 18 01-30000-83466-200901 08 http://docs.
FortiGate-5140 chassis FortiGate-5140 chassis front panel FortiGate-5000 Seri es Intro duction 01-30000-83466-2009 0108 19 http://docs.fortinet.com/ • Feedback FortiGate-5140 chassis Y ou can install up to 14 FortiGate-5000 series boards in the 14 front panel slo ts of the FortiGate- 5140 A TCA ch assis.
FortiGate-5140 chassis back panel FortiGate-5140 chassis FortiGate-5000 Series Introduction 20 01-30000-83466-200901 08 http://docs.fort inet.com/ • Feed back Figure 3: FortiGate-5140 chassis front .
FortiGate-5140 chassis FortiGate-5140 chassis back panel FortiGate-5000 Seri es Intro duction 01-30000-83466-2009 0108 21 http://docs.fortinet.com/ • Feedback Figure 4: FortiGate-5140 cha ssis back panel If you require redundant power you should conne ct both PEMs to DC power .
Physical description of the FortiGat e-5140 ch assis FortiGate-5140 chassis FortiGate-5000 Series Introduction 22 01-30000-83466-200901 08 http://docs.fort inet.com/ • Feed back Physical description of the FortiGate-5140 chassis The FortiGate-5140 chassis is a 12U chassis that can be installed in a st andard 19-inch rack.
FortiGate-5050-R chassis FortiGate-5000 Seri es Intro duction 01-30000-83466-2009 0108 23 http://docs.fortinet.com/ • Feedback FortiGate-5050-R chassis Y ou can install u p to five FortiGate-5000 series boards in the five slots o f the FortiGate-5050 A TCA chassis.
FortiGate-5050 front panel FortiGate-5050-R chassis FortiGate-5000 Series Introduction 24 01-30000-83466-200901 08 http://docs.fort inet.com/ • Feed back FortiGate-5050 front panel Figure 5 shows the front of a FortiGate-50 50 ch assis. T wo FortiSwitch-5003 boards ar e insta lled in slots 1 and 2.
FortiGate-5050-R chassis FortiGate-5050 back panel FortiGate-5000 Seri es Intro duction 01-30000-83466-2009 0108 25 http://docs.fortinet.com/ • Feedback FortiGate-5050 back p anel Figure 6 shows the ba ck of a F ortiGate-50 50 ch assis.
Physical description of the FortiGate- 5050 chassis FortiGate-5050-R chassis FortiGate-5000 Series Introduction 26 01-30000-83466-200901 08 http://docs.fort inet.com/ • Feed back Physical description of the FortiGate-5050 chassis The FortiGate-5050 chassis is a 5U chassis that can be installed in a st andard 19-inch rack.
FortiGate-5050 chassis FortiGate-5000 Seri es Intro duction 01-30000-83466-2009 0108 27 http://docs.fortinet.com/ • Feedback FortiGate-5050 chassis Y ou can install u p to five FortiGate-5000 series boards in the five slots o f the FortiGate-5050 A TCA chassis.
FortiGate-5050 front panel FortiGate-5050 chassis FortiGate-5000 Series Introduction 28 01-30000-83466-200901 08 http://docs.fort inet.com/ • Feed back FortiGate-5050 front panel Figure 7 shows the front of a FortiGate-50 50 ch assis. T wo FortiSwitch-5003 boards ar e insta lled in slots 1 and 2.
FortiGate-5050 chassis Physical description of the FortiGate-5050 chassis FortiGate-5000 Seri es Intro duction 01-30000-83466-2009 0108 29 http://docs.fortinet.com/ • Feedback Figure 8: FortiGate-5050 cha ssis back panel The back pane l includes the FortiGate-5050 chassis groun d connector which must be connected to Data Center gr ound.
Physical description of the FortiGat e-5050 ch assis FortiGate-5050 chassis FortiGate-5000 Series Introduction 30 01-30000-83466-200901 08 http://docs.
FortiGate-5020 chassis FortiGate-5020 front panel FortiGate-5000 Series Introduction 01-30000-83466-200901 08 31 FortiGate-5020 chassis Y ou can install one or two FortiGa te-5000 series boards in the two slot s of the FortiGate-50 20 A TCA chassis.
FortiGate-5000 Series Introduction 32 01-30000-83466-200901 08 FortiGate-5020 back panel FortiGate- 5020 chassis FortiGate-5020 back p anel Figure 10 shows the back of a FortiG ate-5020 c hassis. Th e chassis ba ck panel includes two redundant AC power connec tors and provides access to th e hot swappable cooling fan tray .
FortiGate-5001A security system FortiGate-5000 Seri es Intro duction 01-30000-83466-2009 0108 33 FortiGate-5001A security system The FortiGate-5001 A security system is a high-perfo rmance Advanced T .
FortiGate-5000 Series Introduction 34 01-30000-83466-200901 08 Front panel LEDs and connectors FortiGate-5001A security system Figure 1 1: FortiGate-5 001A-DW front panel Figure 12: FortiGate-5001A-SW.
FortiGate-5001A security system Front panel LEDs and connectors FortiGate-5000 Seri es Intro duction 01-30000-83466-2009 0108 35 LEDs Ta b l e 7 lists and de scribes the FortiGate-5001 A LEDs.
FortiGate-5000 Series Introduction 36 01-30000-83466-200901 08 Base backplane communication Fo rtiGate-5001A security system Connectors Ta b l e 8 lists and describes the FortiGate-50 01A connector s.
FortiGate-5001A security system AMC modules FortiGate-5000 Seri es Intro duction 01-30000-83466-2009 0108 37 FortiGate-RTM-XB2 The FortiGate-R TM-XB2 module provides two 10-gigabit fabric backplane interfaces and NP2 processor acceler ation for FortiGate-5001A fabric interfaces.
FortiGate-5000 Series Introduction 38 01-30000-83466-200901 08 AMC modules FortiGate-5001A security system • The FortiGate-ASM-FB4, provides 4 NP2 accelerated SFP 1-gigabit interfaces . • The FortiGate-ASM-S08, pr ovides adds a re movable hard disk th at you can use to store log files and content ar chives.
FortiGate-RTM-XB2 system FortiGate-5000 Seri es Intro duction 01-30000-83466-2009 0108 39 FortiGate-RTM-XB2 system The FortiGate-R TM-XB2 system provides two 10- gigabit fabric backplane interfaces and NP2 processor acceler ation for FortiGate-5001A boards inst alled in FortiGate-5140 and FortiGate-5050 chassis.
FortiGate-5000 Series Introduction 40 01-30000-83466-200901 08 Front panel LED FortiGate-RTM-XB2 system Front p anel LED From the FortiGate-R TM-XB2 font p anel includes a power LED. Fabric backplane 10-gigabit communication The FortiGate-RTM -XB2 module is used for fabric backp lane 10-gigabit dat a communication.
FortiGate-5005F A2 security system FortiGate-5000 Seri es Intro duction 01-30000-83466-2009 0108 41 FortiGate-5005F A2 security system The FortiGate-5005F A2 security system is a high-performance FortiGate security system with a total of 8 front pa nel gigabit ethernet interfaces, two base backplane interfaces, and two fabric backplane interf aces.
FortiGate-5000 Series Introduction 42 01-30000-83466-200901 08 Front panel LEDs and connectors Fo rtiGate-5005F A2 security system • 2 USB connectors. • Mounting hardware. • LED status indi cators. The FortiGa te-5005F A2 board comes supplie d with fiber and copper SFP transceivers.
FortiGate-5005F A2 security system Accelera ted packet forwarding and policy enforcement FortiGate-5000 Seri es Intro duction 01-30000-83466-2009 0108 43 Connectors Ta b l e 1 1 lists and describes the FortiGate-5005F A2 connectors.
FortiGate-5000 Series Introduction 44 01-30000-83466-200901 08 Base backplane gigabit communication FortiGate- 5005F A2 security system • Firewall an d intrusion prot ection (IPS ), when there is a reas onable perc entage of P2P packet s.
FortiGate-5001F A2-LENC se curity system FortiGate-5000 Series Introduction 01-30000-83466-200901 08 45 FortiGate-5001F A2-LENC security system The FortiGate-5001 F A2-LENC security sy stem is a high-performance FortiGate security system with a tot al of 8 front pane l gigabit ethernet interfaces and two base backplane interfaces.
FortiGate-5000 Series Introduction 46 01-30000-83466-200901 08 Front panel LEDs and connectors Fort iGate-5001F A2-LENC security system • Mounting hardware • LED status ind icators The FortiGate -5001F A2-LENC board co mes supplied with fo ur optical or four copper SFP transce ivers.
FortiGate-5001F A2-LENC se curity system Accele rated packet forwarding and policy enforcement FortiGate-5000 Series In troduction 01-30000-83466-2009 0108 47 Connectors Ta b l e 1 3 lists and de scribes th e FortiGat e-5001F A2-LENC conn ectors.
FortiGate-5000 Series Introduction 48 01-30000-83466-200901 08 Base backplane gigabit communication FortiGate-500 1F A2-LENC security system • Firewall, intrusion pr otection (IPS) , and antivir us, when th ere is a rea sonable percentage of P2 P packets.
FortiGate-5001SX security system FortiGate-5000 Series Introduction 01-30000-83466-200901 08 49 FortiGate-5001SX security system The FortiGate-5001 SX security system is a high-perfor mance FortiGate securi ty system with a total of 8 front pan el gig abit ethernet interfaces and two base backplane in terfaces .
FortiGate-5000 Series Introduction 50 01-30000-83466-200901 08 Front panel LEDs and connectors FortiGate-5001SX security system The FortiGate -5001SX boar d ships with two RAM DIMMs installed on the FortiGate-5001SX circuit board.
FortiGate-5001SX security system Base backplane gigabit interfaces FortiGate-5000 Series In troduction 01-30000-83466-2009 0108 51 Connectors Ta b l e 1 5 lists and de scribes the FortiGate- 5001SX conn ectors.
FortiGate-5000 Series Introduction 52 01-30000-83466-200901 08 Base backplane gigabit interfaces FortiGate- 5001SX security system.
FortiSwitch-5003A system FortiGate-5000 Series Introduction 01-30000-83466-200901 08 53 FortiSwitch-5003A system The FortiSwitch-5003A boa rd provides 10/1-gigabit fabr ic backplane channel layer-2 switch ing and 1- gigabit base b a ckplane channel layer- 2 switching in a dual star architecture fo r the FortiGat e-5140 and FortiGate-505 0 chassis.
FortiGate-5000 Series Introduction 54 01-30000-83466-200901 08 Front panel LEDs and connectors FortiSwitch-5003A system Figure 21: FortiSwitch-5003A front panel • One front p anel base backplane 1 0.
FortiSwitch-5003A system Front panel LEDs and connectors FortiGate-5000 Series In troduction 01-30000-83466-2009 0108 55 LEDs Ta b l e 1 6 lists and describes the FortiSwitch-5003A front p anel LEDs. T able 16: FortiSwitch-5003A front panel LEDs and switches LED St ate Description OOS (Out of Service) Of f Normal operation.
FortiGate-5000 Series Introduction 56 01-30000-83466-200901 08 Front panel LEDs and connectors FortiSwitch-5003A system Base channel interfaces Ta b l e 1 7 list s and describes the FortiSwitch-5 003A base backplane channel interfaces. The base backplane i nterfaces are not configurable or visible from th e FortiSwitch-5003A CLI.
FortiSwitch-5003A system Front panel LEDs and connectors FortiGate-5000 Series In troduction 01-30000-83466-2009 0108 57 Fabric channel interfaces Ta b l e 1 8 lists and describes the FortiSwitch-5003 A fabric channel interfaces.
FortiGate-5000 Series Introduction 58 01-30000-83466-200901 08 FortiSwitch-5003 A configurations FortiSwitch-5003A system Front panel connectors Ta b l e 2 0 list s and describes the FortiSwitch-5 003A front p anel connectors.
FortiSwitch-5003A system FortiSwitch-5003A configurations FortiGate-5000 Series In troduction 01-30000-83466-2009 0108 59 Figure 24: FortiSwitch-5003A base channel 1 HA heartb eat communication Fabric 10-gigabit sw itching within a chassis One FortiGate-R TM-XB2 provides 10-gigabit con nections to both FortiGate-5001A fabric channels.
FortiGate-5000 Series Introduction 60 01-30000-83466-200901 08 FortiSwitch-5003 A configurations FortiSwitch-5003A system Layer-2 link aggregation a nd redundancy configurations The FortiSwitch-5003A board suppor ts 802.3ad st atic mode layer- 2 link aggregation, 802.
FortiSwitch-5003 system Front panel LEDs and connectors FortiGate-5000 Series Introduction 01-30000-83466-200901 08 61 FortiSwitch-5003 system The FortiSwitch-5003 bo ard provides base backplan e interface switching for the FortiGate-5140 ch assis and the FortiG ate-5050 cha ssis.
FortiGate-5000 Series Introduction 62 01-30000-83466-200901 08 Front panel LEDs and connectors FortiSwitch-5003 system Figure 27: FortiSwitch-5003 front panel LEDs Ta b l e 2 1 list s and describes the FortiSwitch-500 3 board front pane l LEDs.
FortiSwitch-5003 system Front panel LEDs and connectors FortiGate-5000 Series In troduction 01-30000-83466-2009 0108 63 About the ZRE n etwork activity LED s The ZRE network activity LEDs show links and network activity for the interfaces and connections listed in Ta b l e 2 2 .
FortiGate-5000 Series Introduction 64 01-30000-83466-200901 08 Base backplane communications FortiSwitch-5003 system Connectors Ta b l e 2 3 list s and describes the FortiSwitch-5 003 front p anel connectors.
FortiSwitch-5003 system Base backplane communicati ons FortiGate-5000 Series In troduction 01-30000-83466-2009 0108 65 In a single chassis, more than one cluster can use the same base backplane interface for HA heartbeat communication.
FortiGate-5000 Series Introduction 66 01-30000-83466-200901 08 Base backplane communications FortiSwitch-5003 system.
The FortiGate-5005-DIST securi ty system Basic FortiGate security system configuration FortiGate-5000 Series Introduction 01-30000-83466-200901 08 67 The FortiGate-5005-DIST security system The FortiG.
FortiGate-5000 Series Introduction 68 01-30000-83466-200901 08 FortiController- 5208 I/O boards The FortiGate-5005-DIST security system Figure 29: Example basic FortiGate-5005-DIST security system FortiController-5208 I/O boards Data flows into and ou t of the FortiGate-5005-DIST syste m through the I/O boards.
The FortiGate-5005-DIST security syst em FortiGate-5005F A2 worker boards FortiGate-5000 Series In troduction 01-30000-83466-2009 0108 69 FortiGate-5005F A2 worker boards The FortiGate-5005 F A2 security system serves as the worker board for the FortiGate-5005-DIST security system.
FortiGate-5000 Series Introduction 70 01-30000-83466-200901 08 FortiGate-5005-DIST security system chassis The FortiG ate-5005-DIST security system FortiGate-5005-DIST secu rity system chassis FortiGate-5005-DIST security systems ca n be installed in FortiGate-5050 or FortiGate -5140 cha ssis.
The FortiGate-5005-DIST security syst em FortiGate-5005-DIST interface names FortiGate-5000 Series In troduction 01-30000-83466-2009 0108 71 FortiGate-5050 chassis Y ou can install one or two I/O board s in slot 1 and 2 of the FortiGate-5050 A TCA chassis.
FortiGate-5000 Series Introduction 72 01-30000-83466-200901 08 FortiGate-5005-DIST interf ace names The FortiGate- 5005-DIST security system T able 24: For tiGate-5005-DIST interface naming FortiContr.
FortiController-5208 system FortiGate-5000 Seri es Intro duction 01-30000-83466-2009 0108 73 FortiController-5208 system Y ou can create a FortiGate-5005-DIST high- throughput multi-threat network security system using one or two Fort iControll er-5208 boards and multiple FortiGate- 5005 boar ds in a Fort iGate-5050 or FortiG ate-5140 c hassis.
FortiGate-5000 Series Introduction 74 01-30000-83466-200901 08 Front panel LEDs and connectors FortiControlle r-5208 system • Inserting a FortiController-52 08 module into a chassis • Removing a F.
FortiController-5208 system Front panel LEDs and connectors FortiGate-5000 Seri es Intro duction 01-30000-83466-2009 0108 75 The control LEDs of a secondary FortiController-5208 board will be sync hronized to the control LEDs of the primary because all the inst alled boards use the same fabric backplane network to communicate.
FortiGate-5000 Series Introduction 76 01-30000-83466-200901 08 Backplane gigabit interfaces FortiControlle r-5208 system Backplane gigabit interfaces The FortiController-520 8 board uses the ch assis backplane gigabit in terfaces for all communication with boards inst alle d in the chassis .
www.fortinet.com.
デバイスFortinet FortiGate-5000の購入後に(又は購入する前であっても)重要なポイントは、説明書をよく読むことです。その単純な理由はいくつかあります:
Fortinet FortiGate-5000をまだ購入していないなら、この製品の基本情報を理解する良い機会です。まずは上にある説明書の最初のページをご覧ください。そこにはFortinet FortiGate-5000の技術情報の概要が記載されているはずです。デバイスがあなたのニーズを満たすかどうかは、ここで確認しましょう。Fortinet FortiGate-5000の取扱説明書の次のページをよく読むことにより、製品の全機能やその取り扱いに関する情報を知ることができます。Fortinet FortiGate-5000で得られた情報は、きっとあなたの購入の決断を手助けしてくれることでしょう。
Fortinet FortiGate-5000を既にお持ちだが、まだ読んでいない場合は、上記の理由によりそれを行うべきです。そうすることにより機能を適切に使用しているか、又はFortinet FortiGate-5000の不適切な取り扱いによりその寿命を短くする危険を犯していないかどうかを知ることができます。
ですが、ユーザガイドが果たす重要な役割の一つは、Fortinet FortiGate-5000に関する問題の解決を支援することです。そこにはほとんどの場合、トラブルシューティング、すなわちFortinet FortiGate-5000デバイスで最もよく起こりうる故障・不良とそれらの対処法についてのアドバイスを見つけることができるはずです。たとえ問題を解決できなかった場合でも、説明書にはカスタマー・サービスセンター又は最寄りのサービスセンターへの問い合わせ先等、次の対処法についての指示があるはずです。