Contents

Network Intrusion Detection System (NIDS)  269
Detecting attacks  269
Selecting the interfaces to monitor  270
Disabling monitoring interfaces  270
Configuring checksum verification  270
Viewing the signature list  271
Viewing attack descriptions  271
Disabling NIDS attack signatures  272
Adding user-defined signatures  272
Preventing attacks  274
Enabling NIDS attack prevention  274
Enabling NIDS attack prevention signatures  274
Setting signature threshold values  275
Logging attacks  276
Logging attack messages to the attack log  276
Reducing the number of NIDS attack log and email messages  276
Antivirus protection  279
General configuration steps  279
Antivirus scanning  280
File blocking  281
Blocking files in firewall traffic  282
Adding file patterns to block  282
Quarantine  283
Quarantining infected files  283
Quarantining blocked files  283
Viewing the quarantine list  284
Sorting the quarantine list  284
Filtering the quarantine list  285
Deleting files from the quarantine list  285
Downloading quarantined files  285
Configuring quarantine options  285
Blocking oversized files and emails  286
Configuring limits for oversized files and email  286
Exempting fragmented email from blocking  287
Viewing the virus list  287
Web filtering  289
General configuration steps  289
Content blocking  290
Adding words and phrases to the Banned Word list  290
Clearing the Banned Word list  291
Backing up the Banned Word list  292
Restoring the Banned Word list  292

FortiGate-800 Installation and Configuration Guide
