Fortinet FortiGate 4000 Benutzerhandbuch
276
Fortinet Inc.
Preventing attacks
Network Intrusion Detection System (NIDS)
Preventing attacks
NIDS attack prevention protects the FortiGate unit and the networks connected to it
from common TCP, ICMP, UDP, and IP attacks. You can enable NIDS attack
prevention to prevent a set of default attacks with default threshold values. You can
also enable or disable and set the threshold values for individual attack prevention
signatures.
from common TCP, ICMP, UDP, and IP attacks. You can enable NIDS attack
prevention to prevent a set of default attacks with default threshold values. You can
also enable or disable and set the threshold values for individual attack prevention
signatures.
•
•
•
Enabling NIDS attack prevention
To enable NIDS attack prevention
1
Go to NIDS > Prevention.
2
Select the Enable Prevention check box, in the top left corner.
Enabling NIDS attack prevention signatures
The NIDS Prevention module contains signatures that are designed to protect your
network against attacks. Some signatures are enabled by default, others must be
enabled. For a complete list of NIDS Prevention signatures and descriptions, see the
FortiGate NIDS Guide.
network against attacks. Some signatures are enabled by default, others must be
enabled. For a complete list of NIDS Prevention signatures and descriptions, see the
FortiGate NIDS Guide.
To enable attack prevention signatures
1
Go to NIDS > Prevention.
2
Select the Enable check box beside each signature that you want to enable.
3
Select Check All
to enable all signatures in the NIDS attack prevention signature
list.
4
Select Uncheck All
to disable all signatures in the NIDS attack prevention
signature list.
5
Select Reset to Default Values
to enable only the default NIDS attack prevention
signatures and return to the default threshold values.
Note: After the FortiGate unit reboots, NIDS attack prevention and synflood prevention are
always disabled.
always disabled.