beautypg.com

Introduction, The fortigate ips – Fortinet Network Device IPS User Manual

Page 5

background image

Introduction

The FortiGate IPS

FortiGate IPS User Guide Version 3.0 MR7
01-30007-0080-20080916

5

Introduction

This section introduces you to the FortiGate Intrusion Prevention System (IPS)
and the following topics:

The FortiGate IPS

About this document

Fortinet documentation

Customer service and technical support

The FortiGate IPS

Spam and viruses are not the only threats facing enterprises and small
businesses. Sophisticated, automated attack tools are prevalent on the Internet
today, making intrusion detection and prevention vital to securing corporate
networks. An attack or intrusion can be launched to steal confidential information,
force a costly web site crash, or use network resources to launch other attacks.

The FortiGate IPS detects intrusions by using attack signatures for known
intrusion methods, and detects anomalies in network traffic to identify new or
unknown intrusions. Not only can the IPS detect and log attacks, but users can
choose actions to take on the session when an attack is detected. This guide
describes how to configure and use the IPS and the IPS response to some
common attacks.

This guide describes:

IPS overview and general configuration

Predefined signatures

Custom signatures

Protocol decoders

IPS sensors

DoS sensors

SYN flood attacks

ICMP sweep attacks