EasyManua.ls Logo

Fortinet Gate 60D - Page 597

Fortinet Gate 60D
706 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
User NAC quarantine and the Banned User list
FortiGate Version 4.0 Administration Guide
01-400-89802-20090424 597
http://docs.fortinet.com/Feedback
All sessions started by users or IP addresses on the Banned User list are blocked until the
user or IP address is removed from the list. All sessions to an interface on the list are
blocked until the interface is removed from the list.
You can configure NAC quarantine to add users or IP addresses to the Banned User list
under the following conditions:
Users or IP addresses that originate attacks detected by IPS - To quarantine users
or IP addresses that originate attacks, enable and configure Quarantine Attackers in
an IPS Sensor Filter. For more information, see “Configuring filters” on page 464.
IP addresses or interfaces that send viruses detected by virus scanning - To
quarantine IP addresses that send viruses or interfaces that accept traffic containing a
virus, enable Quarantine Virus Sender in a protection profile. For more information,
see “Anti-Virus options” on page 407.
Users or IP addresses that are banned or quarantined by Data Leak Prevention -
Set various options in a DLP sensor to add users or IP addresses to the Banned User
list. For more information, see “Adding or editing a rule in a DLP sensor” on page 513.
To view the Banned User list, go to User > Monitor > Banned User.
Figure 398: Banned User list
Current Page The current page number of list items that are displayed. Select the left and right
arrows to display the first, previous, next or last page of banned users or IP
addresses.
Clear icon Remove all users and IP addresses from the Banned User list.
# The position number of the user or IP address in the list.
Application
Protocol
The protocol that was used by the user or IP address added to the Banned User
list.
Cause or rule The FortiGate function that caused the user or IP address to be added to the
Banned User list. Cause or rule can be IPS, Antivirus, or Data Leak Prevention.
Created The date and time the user or IP address was added to the Banned User list.
Expires The date and time the user or IP address will be automatically removed from the
Banned User list. If Expires is Indefinite you must manually remove the user or host
from the list.
Delete icon Delete the selected user or IP address from the Banned User list.
Current Page
Clear
Delete

Table of Contents