Fortinet fortigate-200a Betriebsanweisung
FortiGate-300A Administration Guide Version 2.80 MR6
FortiGate-300A Administration Guide
01-28006-0092-20041105
293
IPS
The FortiGate Intrusion Prevention System (IPS) combines signature- and anomaly-
based intrusion detection and prevention with low latency and excellent reliability. The
FortiGate unit can record suspicious traffic in logs, can send alert email to system
administrators, and can log, pass, drop, reset, or clear suspicious packets or
sessions. You can adjust some IPS anomaly thresholds to work best with the normal
traffic on the protected networks. You can also create custom signatures to customize
the FortiGate IPS for diverse network environments.
based intrusion detection and prevention with low latency and excellent reliability. The
FortiGate unit can record suspicious traffic in logs, can send alert email to system
administrators, and can log, pass, drop, reset, or clear suspicious packets or
sessions. You can adjust some IPS anomaly thresholds to work best with the normal
traffic on the protected networks. You can also create custom signatures to customize
the FortiGate IPS for diverse network environments.
You can configure the IPS globally and then enable or disable all signatures or all
anomalies in individual firewall protection profiles.
anomalies in individual firewall protection profiles.
describes the IPS settings
and where to configure and access them. To access protection profile IPS options go
to Firewall > Protection Profile, select edit or Create New, and select IPS. See
to Firewall > Protection Profile, select edit or Create New, and select IPS. See
.
Protection profile configuration
For information about adding protection profiles to firewall policies, see
.
IPS updates and information
FortiProtect services are a valuable customer resource and include automatic updates
of virus and IPS (attack) engines and definitions through the FortiProtect Distribution
Network (FDN). The FortiProtect Center also provides the FortiProtect virus and
attack encyclopedia and the FortiProtect Bulletin.
of virus and IPS (attack) engines and definitions through the FortiProtect Distribution
Network (FDN). The FortiProtect Center also provides the FortiProtect virus and
attack encyclopedia and the FortiProtect Bulletin.
To set up automatic and push updates see
Table 23: IPS and Protection Profile IPS configuration
Protection Profile IPS options
IPS setting
IPS Signature
IPS > Signature
Enable or disable IPS signatures for all
network services.
View and configure a list of predefined
signatures.
Create custom signatures based on the
Create custom signatures based on the
network requirements.
IPS Anomaly
IPS > Anomaly
Enable or disable IPS anomalies for all
network services.
View and configure a list of predefined
anomalies.