Network Intrusion Detection System (NIDS) Preventing attacks
FortiGate-50 Installation and Configuration Guide 197
Figure 35: Example user-defined signature list
Downloading the user-defined signature list
You can back up the user-defined signature list by downloading it to a text file on the
management computer.
1 Go to NIDS > Detection > User Defined Signature List.
2 Select Download.
The FortiGate unit downloads the user-defined signature list to a text file on the
management computer. You can specify a location to which to download the text file
as well as a name for the text file.
Preventing attacks
NIDS attack prevention protects the FortiGate unit and the networks connected to it
from common TCP, ICMP, UDP, and IP attacks. You can enable the NIDS attack
prevention to prevent a set of default attacks with default threshold values. You can
also enable and set the threshold values for individual attack signatures.
• Enabling NIDS attack prevention
• Enabling NIDS attack prevention signatures
• Setting signature threshold values
• Configuring synflood signature values
Enabling NIDS attack prevention
1 Go to NIDS > Prevention.
2 Select Enable in the top left corner.
Note: After the FortiGate unit reboots, the NIDS attack prevention and synflood prevention are
always disabled.
To Next Page
Loading...
