Fortinet black logo

Administration Guide

Home FortiProxy 7.2.0 Administration Guide
7.2.0
7.4.3
7.4.2
7.4.1
7.4.0
7.2.10
7.2.9
7.2.8
7.2.7
7.2.0
7.0.17
7.0.0
2.0.0
1.2.0
1.1.0
1.0.0

Add or edit an IPS signature or filter

Add or edit an IPS signature or filter

You can add or edit IPS signatures and filters.

To create a filter:
  1. Go to Security Profiles > Intrusion Prevention.
  2. In the IPS Signatures and Filters section, select Create New.
  3. In the Add Signatures window, select Filter.
  4. For the action, select Allow, Monitor, Block, Reset, Default, or Quarantine.
  5. Enable or disable packet logging.
  6. Enable the status to make the filter active.
  7. Use the Filter field to select filters.
  8. Use the search field to narrow down the list of possible signatures by a series of attributes.
  9. Click OK.
To create a signature:
  1. Go to Security Profiles > Intrusion Prevention.
  2. In the IPS Signatures and Filters section, select Create New.
  3. In the Add Signatures window, select Signature.
  4. For the action, select Allow, Monitor, Block, Reset, Default, or Quarantine.
  5. Enable or disable packet logging.
  6. Enable the status to make the filter active.
  7. Select Default or Specify for the rate-based settings. If you select Specify, enter the number of incidents per minute in the Threshold field, enter the number of seconds after which the block will be removed in the Duration (seconds) field, and select whether the rate-based settings use the source IP address, the destination IP address, or any IP address.
  8. If you want to exempt certain IP addresses from the signature, click Edit IP Exemptions and add the source IP address and netmask and the destination IP address and netmask.
  9. Use the search field to narrow down the list of possible signatures by a series of attributes.
  10. Click OK.
To edit a filter or signature:
  1. Go to Security Profiles > Intrusion Prevention.
  2. In the IPS Filters section, select the filter or signature that you want to edit and then click Edit from the toolbar.
  3. Edit the information as required and then select OK to apply your changes.
Previous
Next

Add or edit an IPS signature or filter

You can add or edit IPS signatures and filters.

To create a filter:
  1. Go to Security Profiles > Intrusion Prevention.
  2. In the IPS Signatures and Filters section, select Create New.
  3. In the Add Signatures window, select Filter.
  4. For the action, select Allow, Monitor, Block, Reset, Default, or Quarantine.
  5. Enable or disable packet logging.
  6. Enable the status to make the filter active.
  7. Use the Filter field to select filters.
  8. Use the search field to narrow down the list of possible signatures by a series of attributes.
  9. Click OK.
To create a signature:
  1. Go to Security Profiles > Intrusion Prevention.
  2. In the IPS Signatures and Filters section, select Create New.
  3. In the Add Signatures window, select Signature.
  4. For the action, select Allow, Monitor, Block, Reset, Default, or Quarantine.
  5. Enable or disable packet logging.
  6. Enable the status to make the filter active.
  7. Select Default or Specify for the rate-based settings. If you select Specify, enter the number of incidents per minute in the Threshold field, enter the number of seconds after which the block will be removed in the Duration (seconds) field, and select whether the rate-based settings use the source IP address, the destination IP address, or any IP address.
  8. If you want to exempt certain IP addresses from the signature, click Edit IP Exemptions and add the source IP address and netmask and the destination IP address and netmask.
  9. Use the search field to narrow down the list of possible signatures by a series of attributes.
  10. Click OK.
To edit a filter or signature:
  1. Go to Security Profiles > Intrusion Prevention.
  2. In the IPS Filters section, select the filter or signature that you want to edit and then click Edit from the toolbar.
  3. Edit the information as required and then select OK to apply your changes.
Previous
Next