beautypg.com

Configuring icmp sweep protection – Fortinet Network Device IPS User Manual

Page 58

background image

FortiGate IPS User Guide Version 3.0 MR7

58

01-30007-0080-20080916

Configuring ICMP sweep protection

ICMP sweep attacks

Configuring ICMP sweep protection

To configure the ICMP sweep anomaly protection settings

1

Go to Intrusion Protection > DoS Sensor.

2

Select Create New.

3

Configure the options for icmp_sweep, icmp_src_session, and icmp_dst_session.

4

Select OK.

Suggested settings for different network conditions

Enable or disable the ICMP predefined signatures depending on current network
traffic and the network scanning tools being used.

To use the icmp_sweep anomaly, monitor the network to find out the normal ICMP
traffic patterns. Configure the icmp_sweep anomaly threshold to be triggered
when an unusual volume of ICMP requests occurs.

See also other documents in the category Fortinet Hardware: