Fortinet white logo
Fortinet white logo

Administration Guide

Header/Footer IPS

Header/Footer IPS

You can create new IPS headers and footers for use in Intrusion Prevention object configuration. When a IPS header/footer is created and assigned to an ADOM, all new and existing Intrusion Prevention objects in that ADOM will include the header and footer.

The Header/Footer IPS table includes the following features in the toolbar:

Create New Create a new IPS header/footer.
Edit Edit an existing IPS header/footer.
Delete Delete an existing IPS header/footer.
ADOM Assignments Specify to which ADOM(s) an IPS header/footer can be assigned.
Assign/Un-assign

Assign the IPS header/footer to one or more ADOMs. ADOMs will not appear in the Assign/Un-assign list unless they have first been specified using ADOM Assignment.

When the IPS header/footer is assigned to an ADOM, all new and existing Intrusion Prevention objects within this ADOM are updated to include the IPS headers and footers.

Column Settings

Configure which columns are displayed in the Header/Footer IPS table.

To create an IPS header or footer sensor:
  1. Change the ADOM to Global Database.
  2. Click Header/Footer IPS from the navigation menu, and click Create New. The Create New Header/Footer IPS Sensor page is displayed.
  3. Configure the IPS header/footer, and click OK. The following settings are available:
    NameEnter a name.
    CommentsOptionally, enter comments about the IPS header/footer.
    IPS Signatures and Filters

    Click Create new, and select Header IPS or Footer IPS to create new IPS signatures and filters.

    Filters

    When creating filters, the following settings are available: Action (Allow, Monitor, Block, Reset, Default, Quarantine), Packet Logging, Status, and Filter. Click the edit filter icon to create a new filter.

    For information on hold-time and CVE filter options, see Intrusion prevention hold-time and CVE filtering.

    Signatures

    When selecting signatures, the following settings are available: Action (Allow, Monitor, Block, Reset, Default, Quarantine), Packet Logging, Status, Rate-based Setting, Exempt IPs, and Signatures. Click Add Signature to select a new signature.

    Revision

    Enter a change note for any changes made to the IPS header/footer sensor.

    Previous changes are displayed under Revision History.

To assign an IPS header/footer to an ADOM:
  1. Change the ADOM to Global Database.
  2. Click Header/Footer IPS from the navigation menu, and click ADOM Assignments.
    ADOM Assignments determines to which ADOM(s) an IPS header/footer can be assigned.
  3. From the ADOM selector, choose one or more ADOMs, and click OK.
    In the Header/Footer IPS table, the header/footer displays that it is not yet applied to the ADOM(s) in the Assign to ADOM column.
  4. Click Assign/Un-assign in the toolbar, select the ADOM where the IPS header/footer will be assigned, and click OK.
    In the Header/Footer IPS table, the header/footer displays that it is applied to the selected ADOM.
  5. Navigate to the ADOM where the IPS header/footer was installed, and go to Policy & Objects > Security Profiles > Intrusion Prevention.
    All new and existing Intrusion Prevention objects within this ADOM include the IPS headers and footers that were assigned to the ADOM.
To un-assign a global IPS header and footer from an ADOM:
  1. Change the ADOM to Global Database.
  2. Click Header/Footer IPS from the navigation menu, and select the IPS header/footer that you want to un-assign.
  3. Click Assign/Un-assign in the toolbar, and select the Un-assign tab in the dialog window that appears.
  4. Select the ADOMs to be un-assigned from the ADOM, and click OK.


Header/Footer IPS

Header/Footer IPS

You can create new IPS headers and footers for use in Intrusion Prevention object configuration. When a IPS header/footer is created and assigned to an ADOM, all new and existing Intrusion Prevention objects in that ADOM will include the header and footer.

The Header/Footer IPS table includes the following features in the toolbar:

Create New Create a new IPS header/footer.
Edit Edit an existing IPS header/footer.
Delete Delete an existing IPS header/footer.
ADOM Assignments Specify to which ADOM(s) an IPS header/footer can be assigned.
Assign/Un-assign

Assign the IPS header/footer to one or more ADOMs. ADOMs will not appear in the Assign/Un-assign list unless they have first been specified using ADOM Assignment.

When the IPS header/footer is assigned to an ADOM, all new and existing Intrusion Prevention objects within this ADOM are updated to include the IPS headers and footers.

Column Settings

Configure which columns are displayed in the Header/Footer IPS table.

To create an IPS header or footer sensor:
  1. Change the ADOM to Global Database.
  2. Click Header/Footer IPS from the navigation menu, and click Create New. The Create New Header/Footer IPS Sensor page is displayed.
  3. Configure the IPS header/footer, and click OK. The following settings are available:
    NameEnter a name.
    CommentsOptionally, enter comments about the IPS header/footer.
    IPS Signatures and Filters

    Click Create new, and select Header IPS or Footer IPS to create new IPS signatures and filters.

    Filters

    When creating filters, the following settings are available: Action (Allow, Monitor, Block, Reset, Default, Quarantine), Packet Logging, Status, and Filter. Click the edit filter icon to create a new filter.

    For information on hold-time and CVE filter options, see Intrusion prevention hold-time and CVE filtering.

    Signatures

    When selecting signatures, the following settings are available: Action (Allow, Monitor, Block, Reset, Default, Quarantine), Packet Logging, Status, Rate-based Setting, Exempt IPs, and Signatures. Click Add Signature to select a new signature.

    Revision

    Enter a change note for any changes made to the IPS header/footer sensor.

    Previous changes are displayed under Revision History.

To assign an IPS header/footer to an ADOM:
  1. Change the ADOM to Global Database.
  2. Click Header/Footer IPS from the navigation menu, and click ADOM Assignments.
    ADOM Assignments determines to which ADOM(s) an IPS header/footer can be assigned.
  3. From the ADOM selector, choose one or more ADOMs, and click OK.
    In the Header/Footer IPS table, the header/footer displays that it is not yet applied to the ADOM(s) in the Assign to ADOM column.
  4. Click Assign/Un-assign in the toolbar, select the ADOM where the IPS header/footer will be assigned, and click OK.
    In the Header/Footer IPS table, the header/footer displays that it is applied to the selected ADOM.
  5. Navigate to the ADOM where the IPS header/footer was installed, and go to Policy & Objects > Security Profiles > Intrusion Prevention.
    All new and existing Intrusion Prevention objects within this ADOM include the IPS headers and footers that were assigned to the ADOM.
To un-assign a global IPS header and footer from an ADOM:
  1. Change the ADOM to Global Database.
  2. Click Header/Footer IPS from the navigation menu, and select the IPS header/footer that you want to un-assign.
  3. Click Assign/Un-assign in the toolbar, and select the Un-assign tab in the dialog window that appears.
  4. Select the ADOMs to be un-assigned from the ADOM, and click OK.