Intrusion Protection
About intrusion protection
FortiGate Version 4.0 Administration Guide
01-400-89802-20090424
455
Intrusion Protection
The FortiGate Intrusion Protection system combines signature and anomaly detection and
prevention with low latency and excellent reliability. With intrusion Protection, you can
create multiple IPS sensors, each containing a complete configuration based on
signatures. Then, you can apply any IPS sensor to each protection profile. You can also
create DoS sensors to examine traffic for anomaly-based attacks.
This section describes how to configure the FortiGate Intrusion Protection settings. For
more information about Intrusion Protection, see the
FortiGate Intrusion Protection
.
If you enable virtual domains (VDOMs) on the FortiGate unit, intrusion protection is
configured separately for each virtual domain. For details, see
This section describes:
•
•
•
•
•
•
•
Intrusion protection CLI configuration
About intrusion protection
The FortiGate unit can log suspicious traffic, send alert email messages to system
administrators, and log, pass, or block suspicious packets or sessions. You can adjust the
DoS sensor anomaly thresholds to work best with the normal traffic on the protected
networks. You can also create custom signatures to tailor the FortiGate Intrusion
Protection system to your network environment.
The FortiGate Intrusion Protection system matches network traffic against patterns
contained in attack signatures. Attack signatures reliably protect your network from known
attacks. Fortinet’s FortiGuard infrastructure ensures the rapid identification of new threats
and the development of new attack signatures.
FortiGuard services provide automatic updates of virus and intrusion protection (attack)
engines and definitions to FortiGate customers through the FortiGuard Distribution
Network (FDN). The FortiGuard Center also provides the FortiGuard virus and attack
encyclopedia and the FortiGuard Bulletin. Visit the
for details
and a link to the FortiGuard Center.
For more information about configuring the connection between the FortiGate unit and
FortiGuard see
“Configuring the FortiGate unit for FDN and FortiGuard subscription
Summary of Contents for Gate 60D
Page 705: ...www fortinet com...
Page 706: ...www fortinet com...