Selecting The Interfaces To Monitor; Disabling Monitoring Interfaces; Configuring Checksum Verification - Fortinet FortiGate FortiGate-800 Installation And Configuration Manual
Fortinet network device installation and configuration guide
Hide thumbs
Also See for FortiGate FortiGate-800:
- Administration manual (392 pages) ,
- Install manual (64 pages) ,
- Technical note (12 pages)
Table of Contents
Advertisement
Detecting attacks
Selecting the interfaces to monitor
Disabling monitoring interfaces
Configuring checksum verification
270
To select the interfaces to monitor for attacks
1
Go to NIDS > Detection > General.
2
Select the interfaces to monitor for network attacks.
You can select up to a total of 4 interfaces and VLAN subinterfaces.
3
Select Apply.
To disable monitoring interfaces for attacks
1
Go to NIDS > Detection > General.
2
Clear the check box for all the interfaces that you do not want monitored.
3
Select Apply.
Checksum verification tests the files that pass through the FortiGate unit to make sure
that they have not been changed in transit. The NIDS can run checksum verification
on IP, TCP, UDP, and ICMP traffic. For maximum detection, you can turn on checksum
verification for all types of traffic. However, if the FortiGate unit does not need to run
checksum verification, you can turn it off for some or all types of traffic to improve
system performance. For example, you might not need to run checksum verification if
the FortiGate unit is installed behind a router that also does checksum verification.
To configure checksum verification
1
Go to NIDS > Detection > General.
2
Select the type of traffic that you want to run Checksum Verifications on.
3
Select Apply.
Figure 66: Example NIDS detection configuration
Network Intrusion Detection System (NIDS)
Fortinet Inc.
- Quick Links:
- Connecting to the Web-Based Manager
Hide quick links:
Advertisement
Table of Contents
