This article provides you with a reference to the terminology used in the FortiDirector interface. Objects and elements in what follows will be commonly created, edited and even deleted when using the FortiDirector. FortiDirector administrators should read this first.
Network Resources are always represented with the same iconography across the entire FortiDirector dashboard. Any mention to a Network Resource object will always display the following icon.
A DNS Network Resource has two configured attributes:
An HTTP Network Resource has one configured attribute:
HTTP Network Resources can only be used in HTTP Rulesets and DNS Network Resources can only be used in DNS Rulesets. HTTP and DNS Network Resources are usually, but not always, health-checked differently.
Let us say you have two CDNs hosting your content, but the base path is different on each:
CDN A hosts your content at http://cdnA.example.com/foo/images/1.jpg
CDN B hosts your content at http://cdnB.example.com/bar/images/1.jpg
Because the path for each location is different, we must use HTTP redirection, because HTTP redirection allows us to alter the path that the browser is requesting.
In this case, we would set up two HTTP Network Resources with the following Base URLs:
CDN A: base url of http://cdnA.example.com/foo
CDN B: base url of http://cdnB.example.com/bar
A request coming in to FortiDirector with the URL of http://www.example.com/images/1.jpg would get redirected to:
http://cdnA.example.com/foo/images/1.jpg or
http://cdnB.example.com/bar/images/1.jpg
Let’s consider a second example. Let’s say you have two RTMP servers at rtmp1.example.com and rtmp2.example.com in different locations, and you want to tell clients to connect to rtmp.example.com and load balance between the two servers. In this case, we can use DNS redirection.
We would set up two DNS Network Resources:
rtmp1.example.com as a CNAME
rtmp2.example.com as a CNAME
A request coming in to FortiDirector with a DNS hostname of rtmp.example.com would get redirected to rtmp1.example.com and rtmp2.example.com.
A Network Resource Healthcheck can be configured for each Network Resource, which will allow the FortiDirector platform to run a check against the Network Resource at a configurable interval using any of the following types of tests:
FortiDirector conditions are used to determine if a redirector Rule is a match for a given request. FortiDirector conditions represent technical or business logic.
FortiDirector supports matches on the following types of conditions:
The HTTP redirector platform also supports the following types of conditions:
The DNS redirector platform also supports the following types of conditions:
A redirector Rule is a single collection of redirector conditions and an action statement describing the Network Resources and the method of redirection used by FortiDirector to determine which specific Network Resource to reply with when a request matches the conditions in the Rule.
A simple redirector Rule might say something like:
Rulesets are consistently displayed with the same iconography across the entire FortiDirector dashboard. Any mention to a Ruleset object will always display the following icon.
A Ruleset is an ordered list of Rules corresponding to a single hostname. Every hostname has its own Ruleset, although the same Ruleset can be applied as a template to multiple hostnames to make configuration simpler. Requests are analyzed against the corresponding Ruleset, and the Rules in the Ruleset are evaluated in order until a match is found, and then the routing decision is based on the configuration for that specific Rule.
A summary of what a Ruleset is:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.