Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • User Guide

    Home FortiPortal 7.4.1 User Guide
    7.4.1
    7.4.1
    7.4.0
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.0.15
    6.0.14
    6.0.13
    6.0.12
    6.0.11
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.3.8
    5.3.7
    5.3.6
    5.3.5
    5.3.4
    5.3.3
    5.3.2
    5.3.0
    5.2.0
    4.1.0

    Configuring an intrusion prevention profile

    Configuring an intrusion prevention profile

    To configure an intrusion prevention profile:
    1. Go to Security > Firewall Objects.
    2. Select Intrusion Prevention Profile from the Security Profiles dropdown.
    3. Select Create or select an existing profile from the list and click Edit.
    4. In the form, enter the following information:

      Settings

      Guidelines

      Name

      Required. Enter a name for the IPS Sensor.

      Comments

      Enter comments about the IPS Sensor.

      Block malicious URLs

      Select to block malicious URLs.

      Scan Outgoing Connections to Botnet Sites

      Choose from the following options:

      • Block: Scan and block outgoing connections to botnet sites.

      • Disable: Disable scanning outgoing connections to botnet sites (default).

      • Monitor: Monitor outgoing connections to botnet sites.

    5. Click Create to add an IPS signature filter to the IPS sensor.

      To edit an IPS signature filter, select an IPS signature filter from the list and then select Edit.

      When editing an IPS signature filter, the fields are the same as when creating it.

      Use the search box to look for an IPS signature filter.

    6. In the Create IPS Signature Filter form, enter the following information:

      Settings

      Guidelines

      Type

      Select either Filter (default) or Signature.

      Note: When the Type is Signature, select signatures from the list.

      Use the Search bar to look for a signature.

      Action

      Select one of the following actions:

      • Default (default)

      • Allow

      • Monitor

      • Block

      • Reset

      • Quarantine: Enter the duration of the quarantine, and click Save.

      Packet Logging

      Enable or disable packet logging.

      Status

      Enable, disable, or set the status as default.

      Filter

      Select Edit IPS Filter to edit an IPS filter, enter the following information as shown in Edit IPS Filter.

      Alternatively, from the list, select a preconfigured IPS filter and click Save.

      Use the Search bar to look for an IPS filter.

      Edit IPS Filter

      Severity

      Select severity levels:

      • Critical

      • High

      • Medium

      • Low

      • Info

      Target

      Select one or both of client and server.

      Protocol

      Select protocols.

      OS

      Select OS:

      • bsd

      • Linux

      • MacOS

      • Other

      • Solaris

      • Windows

      Application

      Select applications.

    7. Click Save to save changes to the IPS filter.
    8. Click Save to save changes to the IPS signature filter.
    9. Click Save to save changes to the IPS sensor.
    Previous
    Next

    Configuring an intrusion prevention profile

    Configuring an intrusion prevention profile

    To configure an intrusion prevention profile:
    1. Go to Security > Firewall Objects.
    2. Select Intrusion Prevention Profile from the Security Profiles dropdown.
    3. Select Create or select an existing profile from the list and click Edit.
    4. In the form, enter the following information:

      Settings

      Guidelines

      Name

      Required. Enter a name for the IPS Sensor.

      Comments

      Enter comments about the IPS Sensor.

      Block malicious URLs

      Select to block malicious URLs.

      Scan Outgoing Connections to Botnet Sites

      Choose from the following options:

      • Block: Scan and block outgoing connections to botnet sites.

      • Disable: Disable scanning outgoing connections to botnet sites (default).

      • Monitor: Monitor outgoing connections to botnet sites.

    5. Click Create to add an IPS signature filter to the IPS sensor.

      To edit an IPS signature filter, select an IPS signature filter from the list and then select Edit.

      When editing an IPS signature filter, the fields are the same as when creating it.

      Use the search box to look for an IPS signature filter.

    6. In the Create IPS Signature Filter form, enter the following information:

      Settings

      Guidelines

      Type

      Select either Filter (default) or Signature.

      Note: When the Type is Signature, select signatures from the list.

      Use the Search bar to look for a signature.

      Action

      Select one of the following actions:

      • Default (default)

      • Allow

      • Monitor

      • Block

      • Reset

      • Quarantine: Enter the duration of the quarantine, and click Save.

      Packet Logging

      Enable or disable packet logging.

      Status

      Enable, disable, or set the status as default.

      Filter

      Select Edit IPS Filter to edit an IPS filter, enter the following information as shown in Edit IPS Filter.

      Alternatively, from the list, select a preconfigured IPS filter and click Save.

      Use the Search bar to look for an IPS filter.

      Edit IPS Filter

      Severity

      Select severity levels:

      • Critical

      • High

      • Medium

      • Low

      • Info

      Target

      Select one or both of client and server.

      Protocol

      Select protocols.

      OS

      Select OS:

      • bsd

      • Linux

      • MacOS

      • Other

      • Solaris

      • Windows

      Application

      Select applications.

    7. Click Save to save changes to the IPS filter.
    8. Click Save to save changes to the IPS signature filter.
    9. Click Save to save changes to the IPS sensor.
    Previous
    Next