FortiGate Version 3.0 MR4 Administration Guide
354 01-30004-0203-20070102
Custom signatures Intrusion Protection
For example. If you have a FortiGate unit that is controlling computers that only
have access to an internal database and do not have access to the internet or
email, there is no point having the Fortigate unit scanning for certain types of
signatures such as email, IM, and P2P.
By telling the FortiGate unit not to look for these signatures, you will maintain a
high level of security and increase overall performance.
You should also review exactly how you use the information provided by the
logging feature. If you find that you do not review the information, it is best to turn
off the logging feature. Logging is best used to provide actionable intelligence.
To disable a signature
1 Go to Intrusion Protection > Signatures > Predefined.
2 Clear the Enable box for the signatures you want to disable.
To turn off logging for a signature
1 Go to Intrusion Protection > Signatures > Predefined.
2 Select the Configure icon on the right hand side of the signature you want to
change.
3 Clear the Logging check box.
4 Select OK.
Custom signatures
Custom signatures provide the power and flexibility to customize the FortiGate
IPS for diverse network environments. The FortiGate predefined signatures cover
common attacks. If an unusual or specialized application or an uncommon
platform is being used, add custom signatures based on the security alerts
released by the application and platform vendors.
You can also create custom signatures to help you block P2P protocols.
For more details about custom signatures, see the FortiGate Intrusion Protection
System (IPS) Guide.
Viewing the custom signature list
To view the custom signature list, go to Intrusion Protection > Signature >
Custom.
Figure 232:The custom signature list
Note: If virtual domains are enabled on the FortiGate unit, the IPS is configured globally. To
access the IPS, select Global Configuration on the main menu.
Clear all custom signatures
Reset to recommended settings
To Next Page
Loading...
