Configuring predefined signatures – Fortinet 100A User Manual

Page 280

Advertising
background image

280

01-28007-0068-20041203

Fortinet Inc.

Predefined

IPS

Configuring predefined signatures

To enable or disable predefined signature groups

1

Go to IPS > Signature > Predefined.

2

Select the Configure icon next to the predefined signature group that you want to
enable or disable.

Figure 143:Enabling or disabling a predefined signature group

3

Select the enable box to enable the predefined signature group or clear the enable
box to disable the predefined signature group.

4

Select OK.

To configure predefined signature settings

1

Go to IPS > Signature > Predefined.

2

Select the blue triangle next to a signature group name to display the members of that
group.

3

Select the Configure icon for the signature you want to configure.

Figure 144:Configuring predefined IPS signatures

Reset Client

The FortiGate unit drops the packet that triggered the signature, sends a

reset to the client, and removes the session from the FortiGate session

table. Used for TCP connections only. If you set this action for non-TCP

connection based attacks, the action will behave as Clear Session. If the

Reset Client action is triggered before the TCP connection is fully

established it acts as Clear Session.

Reset Server

The FortiGate unit drops the packet that triggered the signature, sends a

reset to the server, and removes the session from the FortiGate session

table. Used for TCP connections only. If you set this action for non-TCP

connection based attacks, the action will behave as Clear Session. If the

Reset Server action is triggered before the TCP connection is fully

established it acts as Clear Session.

Drop Session

The FortiGate unit drops the packet that triggered the signature and drops

any other packets in the same session.

Clear Session

The FortiGate unit drops the packet that triggered the signature, removes

the session from the FortiGate session table, and does not send a reset.

Pass Session

The FortiGate unit lets the packet that triggered the signature and all other

packets in the session pass through the firewall.

Table 24: Actions to select for each predefined signature

Advertising
Popular Brands
Popular manuals