Netgear UTM9S – ProSECURE Unified Threat Management (UTM) Appliance with DSL and Wireless modules Reference Manual

Firewall Protection
Use the Intrusion Prevention System
The Intrusion Prevention System (IPS) of the UTM monitors all network traffic to detect, in 
real time, network attacks and port scans and to protect your network from such intrusions. 
You can set up alerts, block source IP addresses from which port scans are initiated, and 
drop traffic that carries attacks. You can configure detection of and protection from specific 
attacks such as web, email, database, malware, and other attacks. The IPS differs from the 
malware scan mechanism (see 
on page 197) in that it 
monitors individual packets, whereas the malware scan mechanism monitors files.
The IPS also allows you to configure port scan detection to adjust it to your needs and to 
protect the network from unwanted port scans that could compromise the network security.
The IPS is disabled by default. 
To enable intrusion prevention and configure port scan detection:
1. Select Network Security > IPS. The IPS submenu tabs display, with the Global screen in view.
   Figure 101.
2. To enable the IPS, select the ON radio button. The default setting is OFF.
3. Configure port scan detection by selecting one of the following radio buttons:
   • OFF. Port scan detection is disabled. This is the default setting.
   • ALERT. When a port is scanned, an alert is emailed to the administrator that is specified in the Email Notification screen.
   • Block Source IP. When a port is scanned, the IP address of the PC or device that scans the port is blocked for the duration that you specify in the Seconds field. The default setting is 300 seconds.
4. Click Apply to save your settings.
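The three port scan detection settings above, modeled as an added Python example (not NETGEAR code and not taken from the manual). The detection rule (5 distinct ports from one source within 10 seconds), the function name, and the sample events are assumptions constructed for illustration; the manual does not state how the UTM recognizes a scan.

```python
from collections import defaultdict, deque

# Assumed heuristic (the manual does not document the UTM's own rule):
# THRESHOLD distinct destination ports from one source within WINDOW seconds.
THRESHOLD, WINDOW = 5, 10

def port_scan_policy(events, mode="OFF", block_seconds=300):
    """Replay (time, src_ip, dst_port) events, sorted by time, under one mode.

    mode is "OFF", "ALERT" or "BLOCK" (Block Source IP).
    Returns (detections, dropped): detections are (time, src_ip) scan hits,
    dropped are the events discarded while a source was blocked.
    """
    recent = defaultdict(deque)   # src_ip -> (time, port) seen inside WINDOW
    blocked_until = {}            # src_ip -> time at which the block expires
    detections, dropped = [], []
    for ts, src, port in events:
        if mode == "BLOCK" and ts < blocked_until.get(src, 0):
            dropped.append((ts, src, port))
            continue
        if mode == "OFF":
            continue
        seen = recent[src]
        seen.append((ts, port))
        while seen[0][0] <= ts - WINDOW:      # forget probes outside the window
            seen.popleft()
        if len({p for _, p in seen}) >= THRESHOLD:
            detections.append((ts, src))      # ALERT: this is where mail is sent
            seen.clear()
            if mode == "BLOCK":
                blocked_until[src] = ts + block_seconds
    return detections, dropped

# Constructed sample traffic (documentation-range addresses, not real logs).
SCANNER, CLIENT = "192.0.2.10", "192.0.2.20"
EVENTS = [
    (0, SCANNER, 21), (1, SCANNER, 22), (1, CLIENT, 443), (2, SCANNER, 23),
    (2, CLIENT, 443), (3, SCANNER, 25), (3, CLIENT, 443), (4, SCANNER, 80),
    (5, SCANNER, 443), (200, SCANNER, 8080), (304, SCANNER, 22),
]

if __name__ == "__main__":
    for mode in ("OFF", "ALERT", "BLOCK"):
        hits, lost = port_scan_policy(EVENTS, mode)
        print(f"{mode:5} detections={hits} dropped={lost}")
```

In this model the block started at second 4 expires at second 304, so the scanner's packet at that instant passes again, while the client that repeatedly contacts a single port is never flagged.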
Note: Traffic that passes on the UTM’s VLANs and on the secondary IP 
addresses that you have configured on the LAN Multi-homing 
screen (see