Preventing Attacks; Enabling Nids Attack Prevention; Enabling Nids Attack Prevention Signatures - Fortinet FortiGate FortiGate-800 Installation And Configuration Manual

Preventing attacks

Preventing attacks

Enabling NIDS attack prevention

Enabling NIDS attack prevention signatures

274
NIDS attack prevention protects the FortiGate unit and the networks connected to it
from common TCP, ICMP, UDP, and IP attacks. You can enable NIDS attack
prevention to prevent a set of default attacks with default threshold values. You can
also enable or disable and set the threshold values for individual attack prevention
signatures.
Note: After the FortiGate unit reboots, NIDS attack prevention and synflood prevention are
always disabled.
• Enabling NIDS attack prevention
• Enabling NIDS attack prevention signatures
• Setting signature threshold values
To enable NIDS attack prevention
1 Go to NIDS > Prevention.
2 Select the Enable Prevention check box, in the top left corner.
The NIDS Prevention module contains signatures that are designed to protect your
network against attacks. Some signatures are enabled by default, others must be
enabled. For a complete list of NIDS Prevention signatures and descriptions, see the
FortiGate NIDS Guide.
To enable attack prevention signatures
1 Go to NIDS > Prevention.
2 Select the Enable check box beside each signature that you want to enable.
3 Select Check All
list.
4 Select Uncheck All
signature list.
5 Select Reset to Default Values
signatures and return to the default threshold values.
to enable all signatures in the NIDS attack prevention signature
to disable all signatures in the NIDS attack prevention
to enable only the default NIDS attack prevention
Network Intrusion Detection System (NIDS)
Fortinet Inc.