Final answer:
A FortiGate firewall uses criteria such as Destination IP Address, Destination Port/Service, Outgoing Interface, Schedules, and Security Profiles to match a packet to its firewall rules.
Step-by-step explanation:
The question asks for the criteria that a FortiGate firewall uses to match the destination of a packet against its firewall rules. When FortiGate processes packets, it evaluates several criteria to determine if a packet matches a specific firewall rule. Some of these criteria include:
- Destination IP Address: The IP address the packet is directed to.
- Destination Port/Service: The service or port number the packet is aiming to reach, such as HTTP/80 or HTTPS/443.
- Outgoing Interface: The interface through which the packet will leave the FortiGate device.
- Schedules: Time-based controls that define when the rule is active.
- Security Profiles: Inspections for various threats and content filtering settings.
These criteria are cross-checked against the set of firewall rules that have been predefined in the FortiGate's configuration. The rule that has all its criteria matching with the packet's parameters will be the one applied to that packet.