Predefined Signatures; Predefined Signature List - Fortinet FortiGate FortiGate-1000A Administration Manual
Fortinet fortigate fortigate-1000a: user guide
Hide thumbs
Also See for FortiGate FortiGate-1000A:
- Install manual (58 pages) ,
- Quick start manual (2 pages) ,
- Administration manual (458 pages)
Table of Contents
Advertisement
IPS
Predefined signatures
Predefined signature list
FortiGate-1000A/FA2 Administration Guide
Predefined signatures are arranged into groups based on the type of attack. By
default, all signature groups are enabled while some signatures within groups are not.
Check the default settings to ensure they meet the requirements of your network
traffic.
You can enable or disable signature groups or individual signatures. Disabling
unneeded signatures can improve system performance and reduce the number of log
messages and alert emails that the IPS generates. For example, the IPS detects a
large number of web server attacks. If you do not provide access to a web server
behind your FortiGate unit, you can disable all web server attack signatures.
Some signature groups include configurable parameters. The parameters that are
available depend on the type of signatures in the signature group. When you
configure these parameters for a signature group, the parameters apply to all of the
signatures in the group.
For each signature, you can configure the action the FortiGate IPS takes when it
detects an attack. The FortiGate IPS can pass, drop, reset or clear packets or
sessions.
You can also enable or disable logging of the attack.
You can enable or disable groups of predefined signatures and configure the settings
for individual predefined signatures from the predefined signature list.
Figure 149:A portion of the predefined signature list
Group Name
The signature group names.
Enable
The status of the signature group. A white check mark in a green circle
indicates the signature group is enabled. A white X in a grey circle indicates
the signature group is disabled.
Logging
The logging status for individual signatures. Click on the blue triangle to
show the signature group members. A white check mark in a green circle
indicates logging is enabled for the signature. A white X in a grey circle
indicates logging is disabled for the signature.
Action
The action set for individual signatures. Click on the blue triangle to show
the signature group members. Action can be Pass, Drop, Reset, Reset
Client, Reset Server, Drop Session, Clear Session, or Pass Session. See
Table
32.
01-28011-0254-20051115
Signature
295
Advertisement
Table of Contents
