Fortinet Network Device IPS User Manual page 4

IPS user guide
Table of Contents

Creating custom signatures ... 23
Custom signature fields ... 23
Custom signature syntax ... 24
Example custom signatures ... 33
Protocol decoders ... 37
Protocol decoders ... 37
Upgrading the IPS protocol decoder list ... 37
Viewing the protocol decoder list ... 38
IPS sensors ... 39
Viewing the IPS sensor list ... 39
Adding an IPS sensor ... 40
Configuring IPS sensors ... 40
Configuring filters ... 42
Configuring pre-defined and custom overrides ... 43
DoS sensors ... 45
Viewing the DoS sensor list ... 46
Configuring DoS sensors ... 46
Understanding the anomalies ... 48
SYN flood attacks ... 51
What is a SYN flood attack? ... 51
How SYN floods work ... 51
The FortiGate IPS Response to SYN flood attacks ... 52
What is SYN threshold? ... 52
What is SYN proxy? ... 52
How IPS works to prevent SYN floods ... 52
Configuring SYN flood protection ... 54
Suggested settings for different network conditions ... 54
ICMP sweep attacks ... 55
What is an ICMP sweep? ... 55
How ICMP sweep attacks work ... 55
The FortiGate IPS response to ICMP sweep attacks ... 55
Predefined ICMP signatures ... 56
ICMP sweep anomalies ... 57
Configuring ICMP sweep protection ... 58
Suggested settings for different network conditions ... 58
Index ... 59
FortiGate IPS User Guide Version 3.0 MR7
01-30007-0080-20080916


This manual is also suitable for:

Fortigate 3.0 mr7
