Creating custom signatures | 23 |
Custom signature fields | 23 |
Custom signature syntax | 24 |
Example custom signatures | 33 |
Protocol decoders | 37 |
Protocol decoders | 37 |
Upgrading the IPS protocol decoder list | 37 |
Viewing the protocol decoder list | 38 |
IPS sensors | 39 |
Viewing the IPS sensor list | 39 |
Adding an IPS sensor | 40 |
Configuring IPS sensors | 40 |
Configuring filters | 42 |
Configuring | 43 |
DoS sensors | 45 |
Viewing the DoS sensor list | 46 |
Configuring DoS sensors | 46 |
Understanding the anomalies | 48 |
SYN flood attacks | 51 |
What is a SYN flood attack? | 51 |
How SYN floods work | 51 |
The FortiGate IPS Response to SYN flood attacks | 52 |
What is SYN threshold? | 52 |
What is SYN proxy? | 52 |
How IPS works to prevent SYN floods | 52 |
Configuring SYN flood protection | 54 |
Suggested settings for different network conditions | 54 |
ICMP sweep attacks | 55 |
What is an ICMP sweep? | 55 |
How ICMP sweep attacks work | 55 |
The FortiGate IPS response to ICMP sweep attacks | 55 |
Predefined ICMP signatures | 56 |
ICMP sweep anomalies | 57 |
Configuring ICMP sweep protection | 58 |
Suggested settings for different network conditions | 58 |
Index | 59 |
| FortiGate IPS User Guide Version 3.0 MR7 |
4 |