|
|
Introduction | The FortiGate IPS |
Introduction
This section introduces you to the FortiGate Intrusion Prevention System (IPS) and the following topics:
•The FortiGate IPS
•About this document
•Fortinet documentation
•Customer service and technical support
The FortiGate IPS
Spam and viruses are not the only threats facing enterprises and small businesses. Sophisticated, automated attack tools are prevalent on the Internet today, making intrusion detection and prevention vital to securing corporate networks. An attack or intrusion can be launched to steal confidential information, force a costly web site crash, or use network resources to launch other attacks.
The FortiGate IPS detects intrusions by using attack signatures for known intrusion methods, and detects anomalies in network traffic to identify new or unknown intrusions. Not only can the IPS detect and log attacks, but users can choose actions to take on the session when an attack is detected. This guide describes how to configure and use the IPS and the IPS response to some common attacks.
This guide describes:
•IPS overview and general configuration
•Predefined signatures
•Custom signatures
•Protocol decoders
•IPS sensors
•DoS sensors
•SYN flood attacks
•ICMP sweep attacks
FortiGate IPS User Guide Version 3.0 MR7 |
|
5 |