Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiProxy 7.0.19 Administration Guide
    7.0.19
    7.6.0
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.0
    7.0.19
    7.0.17
    7.0.0
    2.0.0
    1.2.0
    1.1.0
    1.0.0

    Create or edit an application signature

    Create or edit an application signature

    If you have to detect an application that is not already in the application list, you can create an application signature:

    1. Go to Security Profiles > Application Signatures and select Create New > Custom Application Signature. You can also go to Security Profiles > Application Control, click Create New, click View Application Signatures, and select Create New > Custom Application Signature.

    2. Enter a name (no spaces) for the application signature in the Name field.

    3. Enter a brief description in the Comments field.

    4. Enter the text for the signature in the Signature field. The syntax for signatures is described in Valid syntax.

    5. Click OK.

    You can edit application signatures that you have created. Select the application signature and then click Edit.

    Valid syntax

    The following table shows the valid characters and basic structure. For details about each keyword and its associated values, see Custom signature keywords.

    Field

    Valid Characters

    Usage

    HEADER

    F-SBID

    The header for an attack definition signature. Each custom signature must begin with this header.

    KEYWORD

    Each keyword must start with a pair of dashes (--) and consist of a string of 1 to 19 characters.

    Normally, keywords are an English word or English words connected by an underscore (_). Keywords are case insensitive.

    The keyword identifies a parameter.

    VALUE

    Double quotes (") must be used around the value if it contains a space and/or a semicolon (;). If the value is NULL, the space between the KEYWORD and VALUE can be omitted. Values are case sensitive.

    NOTE: If double quotes are used for quoting the value, the double quotes are not considered as part of the value string.

    The value is set specifically for a parameter identified by a keyword.

    Previous
    Next

    Create or edit an application signature

    Create or edit an application signature

    If you have to detect an application that is not already in the application list, you can create an application signature:

    1. Go to Security Profiles > Application Signatures and select Create New > Custom Application Signature. You can also go to Security Profiles > Application Control, click Create New, click View Application Signatures, and select Create New > Custom Application Signature.

    2. Enter a name (no spaces) for the application signature in the Name field.

    3. Enter a brief description in the Comments field.

    4. Enter the text for the signature in the Signature field. The syntax for signatures is described in Valid syntax.

    5. Click OK.

    You can edit application signatures that you have created. Select the application signature and then click Edit.

    Valid syntax

    The following table shows the valid characters and basic structure. For details about each keyword and its associated values, see Custom signature keywords.

    Field

    Valid Characters

    Usage

    HEADER

    F-SBID

    The header for an attack definition signature. Each custom signature must begin with this header.

    KEYWORD

    Each keyword must start with a pair of dashes (--) and consist of a string of 1 to 19 characters.

    Normally, keywords are an English word or English words connected by an underscore (_). Keywords are case insensitive.

    The keyword identifies a parameter.

    VALUE

    Double quotes (") must be used around the value if it contains a space and/or a semicolon (;). If the value is NULL, the space between the KEYWORD and VALUE can be omitted. Values are case sensitive.

    NOTE: If double quotes are used for quoting the value, the double quotes are not considered as part of the value string.

    The value is set specifically for a parameter identified by a keyword.

    Previous
    Next