What action does FortiGate take when it detects a packet that does not meet any defined firewall rules?

When FortiGate detects a packet that does not meet any defined firewall rules, it takes the action of dropping the packet. This behavior is a fundamental part of the firewall's security model, which is designed to protect the network by only allowing traffic that has been explicitly permitted through defined rules.

In a typical firewall operation, if a packet does not match any of the rules set in the firewall policies, it will be treated as untrusted traffic and subsequently discarded to prevent potential security threats from entering the network. This approach ensures that only authorized and expected communications are allowed, thereby maintaining the integrity and security of the network environment.

This action also minimizes the risk of attacks, including those that might exploit vulnerabilities in services running on the network. By default, most firewalls, including FortiGate devices, deny traffic as a security measure unless specified otherwise in the policy rules.