Enabling Nids Attack Prevention Signatures; Setting Signature Threshold Values - Fortinet FortiGate 100 Installation & Configuration Manual
Fortinet network device installation and configuration guide
Hide thumbs
Also See for FortiGate 100:
- Installation manual (54 pages) ,
- Administration manual (388 pages)
Table of Contents
Advertisement
Enabling NIDS attack prevention signatures
Enabling NIDS attack prevention signatures
Setting signature threshold values
226
The NIDS Prevention module contains signatures that are designed to protect your
network against attacks. Some signatures are enabled by default; others must be
enabled. For a complete list of NIDS Prevention signatures and descriptions, see the
FortiGate NIDS Guide.
1
Go to NIDS > Prevention.
2
Check the box in the Enable column beside each signature that you want to enable.
3
Select Check All
list.
4
Select Uncheck All
signature list.
5
Select Reset to Default Values
signatures and return to the default threshold values.
Figure 36: Example NIDS attack prevention signature list entries
You can change the default threshold values for the NIDS Prevention signatures listed
in
Table
6. The threshold depends on the type of attack. For flooding attacks, the
threshold is the maximum number of packets received per second. For overflow
attacks, the threshold is the buffer size for the command. For large ICMP attacks, the
threshold is the ICMP packet size limit to pass through.
to enable all signatures in the NIDS attack prevention signature
to disable all signatures in the NIDS attack prevention
to enable only the default NIDS attack prevention
Network Intrusion Detection System (NIDS)
Fortinet Inc.
- Quick Links:
- Connecting to the Web-Based Manager
Hide quick links:
Advertisement
Table of Contents
