Fortinet 100 10 , Network Intrusion Detection System (NIDS) ................................................... 221

Contents

10 Fortinet Inc.

Configuring L2TP............................................... ............................................................. 213

Configuring the FortiGate unit as a L2TP gateway.................. ................................... 214

Configuring a Windows 2000 client for L2TP.............................................. ................ 217

Configuring a Windows XP client for L2TP................. ................................................ 218

Network Intrusion Detection System (NIDS) ................................................... 221

Detecting attacks ............................................................................................................ 221

Selecting the interfaces to monitor.............................................................................. 222

Disabling the NIDS............................................................................................. ......... 222

Configuring checksum verification .............................................................................. 222

Viewing the signature list ............................................................................................ 223

Viewing attack descriptions...................................................................................... ... 223

Enabling and disabling NIDS attack signatures.................... ...................................... 224

Adding user-defined signatures .................................................................................. 224

Preventing attacks .......................................................................................................... 225

Enabling NIDS attack prevention............ .................................................................... 225

Enabling NIDS attack prevention signatures .............................................................. 226

Setting signature threshold values..................................................................... ......... 226

Configuring synflood signature values........................ ................................................ 228

Logging attacks............................................................................ ................................... 228

Logging attack messages to the attack log........................................... ...................... 228

Reducing the number of NIDS attack log and email messages.................................. 229

Antivirus protection........................................................................................... 231

General configuration steps............................................... ............................................. 231

Antivirus scanning........................................................................... ................................ 232

File blocking................................................ .................................................................... 233

Blocking files in firewall traffic ..................................................................................... 233

Adding file patterns to block.................................................. ...................................... 233

Blocking oversized files and emails................ ................................................................ 234

Configuring limits for oversized files and email.................................................. ......... 234

Exempting fragmented email from blocking.................................................................... 234

Viewing the virus list ....................................................................................................... 234

Web filtering ....................................................................................................... 235

General configuration steps............................................... ............................................. 235

Content blocking............ ................................................................................................. 236

Adding words and phrases to the banned word list .................................................... 236

URL blocking................................................................................................................ ... 237

Using the FortiGate web filter ..................................................................................... 237

Using the Cerberian web filter............................................................................... ...... 240

Script filtering........ .......................................................................................................... 242

Enabling the script filter...................................................................................... ......... 242

Selecting script filter options ....................................................................................... 242