User
NAC quarantine and the Banned User list
FortiGate Version 4.0 Administration Guide
01-400-89802-20090424
597
•
All sessions started by users or IP addresses on the Banned User list are blocked until the
user or IP address is removed from the list. All sessions to an interface on the list are
blocked until the interface is removed from the list.
You can configure NAC quarantine to add users or IP addresses to the Banned User list
under the following conditions:
•
Users or IP addresses that originate attacks detected by IPS
- To quarantine users
or IP addresses that originate attacks, enable and configure
Quarantine Attackers
in
an IPS Sensor Filter. For more information, see
“Configuring filters” on page 464
.
•
IP addresses or interfaces that send viruses detected by virus scanning
- To
quarantine IP addresses that send viruses or interfaces that accept traffic containing a
virus, enable
Quarantine Virus Sender
in a protection profile. For more information,
see
“Anti-Virus options” on page 407
•
Users or IP addresses that are banned or quarantined by Data Leak Prevention
-
Set various options in a DLP sensor to add users or IP addresses to the Banned User
list. For more information, see
“Adding or editing a rule in a DLP sensor” on page 513
To view the Banned User list, go to
User > Monitor > Banned User.
Figure 398: Banned User list
Current Page
The current page number of list items that are displayed. Select the left and right
arrows to display the first, previous, next or last page of banned users or IP
addresses.
Clear icon
Remove all users and IP addresses from the Banned User list.
#
The position number of the user or IP address in the list.
Application
Protocol
The protocol that was used by the user or IP address added to the Banned User
list.
Cause or rule
The FortiGate function that caused the user or IP address to be added to the
Banned User list.
Cause or rule
can be IPS, Antivirus, or Data Leak Prevention.
Created
The date and time the user or IP address was added to the Banned User list.
Expires
The date and time the user or IP address will be automatically removed from the
Banned User list. If
Expires
is
Indefinite
you must manually remove the user or host
from the list.
Delete icon
Delete the selected user or IP address from the Banned User list.
Current Page
Clear
Delete
Содержание Gate 60D
Страница 678: ...Reports Log Report FortiGate Version 4 0 Administration Guide 678 01 400 89802 20090424 http docs fortinet com Feedback...
Страница 704: ...Index FortiGate Version 4 0 Administration Guide 704 01 400 89802 20090424 http docs fortinet com Feedback...
Страница 705: ...www fortinet com...
Страница 706: ...www fortinet com...