IPS sensors
Viewing the IPS sensor list
FortiGate IPS User Guide Version 3.0 MR7
01-30007-0080-20080916
39
IPS sensors
You can group signatures into IPS sensors for easy selection in protection
profiles. You can define signatures for specific types of traffic in separate IPS
sensors, and then select those sensors in profiles designed to handle that type of
traffic. For example, you can specify all of the web-server related signatures in an
IPS sensor, and the sensor can then be used by a protection profile in a policy
that controls all of the traffic to and from a web server protected by the FortiGate
unit.
The FortiGuard Service periodically updates the pre-defined signatures, with
signatures added to counter new threats. Because the signatures included in
filters are defined by specifying signature attributes, new signatures matching
existing filter specifications will automatically be included in those filters. For
example, if you have a filter that includes all signatures for the Windows operating
system, your filter will automatically incorporate new Windows signatures as they
are added.
This section describes:
•
Viewing the IPS sensor list
•
Configuring IPS sensors
Viewing the IPS sensor list
To view the IPS sensors, go to
Intrusion Protection > IPS Sensor
.
Figure 7: IPS Sensor list showing the default sensors
The IPS sensor list displays the following information.
Five default IPS sensors are provided with the default configuration.
Create New
Add a new IPS sensor. For more information, see
“Adding an
IPS sensor” on page 40
.
Name
The name of each IPS sensor.
Comments
An optional description of the IPS sensor.
Delete and Edit icons
Delete or edit an IPS sensor.
all_default
Includes all signatures. The sensor is set to use the default
enable status and action of each signature.
all_default_pass
Includes all signatures. The sensor is set to use the default
enable status of each signature, but the action is set to pass.