Table of Contents
Advertisement
Detecting attacks
Selecting the interfaces to monitor
Disabling the NIDS
Configuring checksum verification
194
1
Go to NIDS > Detection > General.
2
Select the interface to monitor for network attacks.
You can select the internal or external interface.
3
Select Apply.
1
Go to NIDS > Detection > General.
2
Deselect all monitored interfaces.
3
Select Apply.
Checksum verification tests files passing through the FortiGate unit to make sure that
they have not been changed in transit. The NIDS can run checksum verification on IP,
TCP, UDP, and ICMP traffic. For maximum detection, you can turn on checksum
verification for all types of traffic. However, if the FortiGate unit does not need to run
checksum verification, you can turn it off for some or all types of traffic to improve
system performance. For example, you might not need to run checksum verification if
your FortiGate unit is installed behind a router that also does checksum verification.
1
Go to NIDS > Detection > General.
2
Check the type of traffic on which to run Checksum Verifications.
3
Select Apply.
Figure 33: Example NIDS detection configuration
Network Intrusion Detection System (NIDS)
Fortinet Inc.
Advertisement
Table of Contents
