FortiGate-100A Administration Guide Version 2.80 MR7
01-28007-0068-20041203
IPS
The FortiGate Intrusion Prevention System (IPS) combines signature- and anomaly-based intrusion detection and prevention with low latency and excellent reliability. The FortiGate unit can record suspicious traffic in logs, can send alert email to system administrators, and can log, pass, drop, reset, or clear suspicious packets or sessions. You can adjust some IPS anomaly thresholds to work best with the normal traffic on the protected networks. You can also create custom signatures to customize the FortiGate IPS for diverse network environments.
You can configure the IPS globally and then enable or disable all signatures or all anomalies in individual firewall protection profiles. Table 23 describes the IPS settings and where to configure and access them. To access protection profile IPS options, go to Firewall > Protection Profile, select edit or Create New, and select IPS. See “Protection profile options” on page 223.
Protection profile configuration
For information about adding protection profiles to firewall policies, see “To add a protection profile to a policy” on page 229.
IPS updates and information
FortiProtect services are a valuable customer resource and include automatic updates of virus and IPS (attack) engines and definitions through the FortiProtect Distribution Network (FDN). The FortiProtect Center also provides the FortiProtect virus and attack encyclopedia and the FortiProtect Bulletin.
Visit the FortiProtect Center at http://www.fortinet.com/FortiProtectCenter/.
To set up automatic and push updates, see “Update center” on page 118.
Table 23: IPS and Protection Profile IPS configuration

| Protection Profile IPS options | IPS setting |
|---|---|
| IPS Signature | IPS > Signature |
| Enable or disable IPS signatures for all network services. | View and configure a list of predefined signatures. Create custom signatures based on the network requirements. |
| IPS Anomaly | IPS > Anomaly |
| Enable or disable IPS anomalies for all network services. | View and configure a list of predefined anomalies. |