|
|
IPS sensors | Configuring IPS sensors |
To view an IPS sensor, go to Intrusion Protection > IPS Sensor and select the Edit icon of any IPS sensor. The Edit IPS Sensor window is divided into three parts: the sensor attributes, the filters, and the overrides.
Figure 9: Edit IPS sensor
IPS sensor attributes:
Name | The name of the IPS sensor. You can change it at any time. | |
Comments | An optional comment describing the IPS sensor. You can change it at | |
| any time. |
|
OK | Select to save changes to Name or Comments. | |
IPS sensor filters: |
| |
Add Filter | Add a new filter to the end of the filter list. For more information, see | |
| “Configuring filters” on page 42. | |
# | Current position of each filter in the list. | |
Name | The name of the filter. | |
Signature | Signature attributes specify the type of network traffic the signature | |
attributes | applies to. |
|
| Severity | The severity of the included signatures. |
| Target | The type of system targeted by the attack. The targets |
|
| are client and server. |
| Protocol | The protocols to which the signatures apply. Examples |
|
| include HTTP, POP3, H323, and DNS. |
| OS | The operating systems to which the signatures apply. |
| Application The applications to which the signatures apply. | |
Enable | The status of the signatures included in the filter. The signatures can be | |
| set to enabled, disabled, or default. The default setting uses the default | |
| status of each individual signature as displayed in the signature list. | |
Logging | The logging status of the signatures included in the filter. Logging can | |
| be set to enabled, disabled, or default. The default setting uses the | |
| default status of each individual signature as displayed in the signature | |
| list. |
|
Action | The action of the signatures included in the filter. The action can be set | |
| to pass all, block all, reset all, or default. The default setting uses the | |
| action of each individual signature as displayed in the signature list. | |
Count | The number of signatures included in the filter. Overrides are not | |
| included in this total. | |
Delete icon | Delete the filter. | |
Edit icon | Edit the filter. |
|
Insert icon | Create a new filter and insert it above the current filter. |
FortiGate IPS User Guide Version 3.0 MR7 |
|
41 |