Network intrusion detection system (nids), Detecting attacks – Fortinet FortiGate 4000 User Manual
Page 271
FortiGate-4000 Installation and Configuration Guide Version 2.50
FortiGate-4000 Installation and Configuration Guide
271
Network Intrusion Detection System
(NIDS)
The FortiGate NIDS is a real-time network intrusion detection sensor that uses attack
signature definitions to both detect and prevent a wide variety of suspicious network
traffic and direct network-based attacks. Also, whenever an attack occurs, the
FortiGate NIDS can record the event in a log and send an alert email to the system
administrator.
This chapter describes:
•
•
•
Detecting attacks
The NIDS Detection module detects a wide variety of suspicious network traffic and
network-based attacks. Use the following procedures to configure the general NIDS
settings and the NIDS Detection module Signature List.
For the general NIDS settings, you must select which interfaces you want to be
monitored for network-based attacks. You also need to decide whether to enable
checksum verification. Checksum verification tests the integrity of packets received at
the monitored interfaces.
This section describes:
•
Selecting the interfaces to monitor
•
Disabling monitoring interfaces
•
Configuring checksum verification
•
•
•
Disabling NIDS attack signatures
•