Fortinet black logo

Administration Guide

Home FortiProxy 7.2.0 Administration Guide
7.2.0
7.4.3
7.4.2
7.4.1
7.4.0
7.2.10
7.2.9
7.2.8
7.2.7
7.2.0
7.0.17
7.0.0
2.0.0
1.2.0
1.1.0
1.0.0

Create or edit an IPS sensor

Create or edit an IPS sensor

The Intrusion Prevention System (IPS) combines signature detection and prevention with low latency and excellent reliability. With intrusion protection, you can create multiple IPS sensors, each containing a complete configuration based on signatures. Then, you can apply any IPS sensor to any security policy.

IPS sensors can be added, edited, cloned, and deleted as required.

To create an IPS sensor, go to Security Profiles > Intrusion Prevention and click Create New.

Configure the following settings and then select OK to save your changes:

Name

The name of the IPS sensor.

Comments

Optional description of the IPS sensor.

Block malicious URLs

Enable this setting to block malicious URLs that FortiSandbox finds. Your FortiProxy unit must be connected to a registered FortiSandbox.

IPS Signatures and Filters

Add or edit an IPS signature or filter. See Add or edit an IPS signature or filter.

While individual signatures can be added to a sensor, a filter allows you to add multiple signatures to a sensor by specifying the characteristics of the signatures to be added.

Scan Outgoing Connections to Botnet Sites

Select Block or Monitor to enable botnet blocking across all traffic that matches the policy.

View IPS Signatures

Select to see a list of predefined IPS signatures. To create an IPS signature, see Create or edit an IPS signature.

API Preview

The API Preview allows you to view all REST API requests being used by the page. You can make changes on the page that are reflected in the API request preview. This feature is not available if the user is logged in as an administrator that has read-only GUI permissions.
To use the API Preview:

  1. Click API Preview. The API Preview pane opens, and the values for the fields are visible (data). If a new object is being created, the POST request is shown.

  2. Enable Show modified changes only to show the modified changes instead of the full configuration in the preview.

  3. Click Copy to Clipboard to copy the JSON code shown on the preview screen to the clipboard.

  4. Click Close to leave the preview.

To edit an IPS sensor:

  1. From the IPS sensor list, select the sensor that you need to edit and then click Edit from the toolbar or double-click on the sensor name in the list. The Edit IPS Sensor window opens.

  2. Edit the information as required and then select OK to save your changes.

Previous
Next

Create or edit an IPS sensor

The Intrusion Prevention System (IPS) combines signature detection and prevention with low latency and excellent reliability. With intrusion protection, you can create multiple IPS sensors, each containing a complete configuration based on signatures. Then, you can apply any IPS sensor to any security policy.

IPS sensors can be added, edited, cloned, and deleted as required.

To create an IPS sensor, go to Security Profiles > Intrusion Prevention and click Create New.

Configure the following settings and then select OK to save your changes:

Name

The name of the IPS sensor.

Comments

Optional description of the IPS sensor.

Block malicious URLs

Enable this setting to block malicious URLs that FortiSandbox finds. Your FortiProxy unit must be connected to a registered FortiSandbox.

IPS Signatures and Filters

Add or edit an IPS signature or filter. See Add or edit an IPS signature or filter.

While individual signatures can be added to a sensor, a filter allows you to add multiple signatures to a sensor by specifying the characteristics of the signatures to be added.

Scan Outgoing Connections to Botnet Sites

Select Block or Monitor to enable botnet blocking across all traffic that matches the policy.

View IPS Signatures

Select to see a list of predefined IPS signatures. To create an IPS signature, see Create or edit an IPS signature.

API Preview

The API Preview allows you to view all REST API requests being used by the page. You can make changes on the page that are reflected in the API request preview. This feature is not available if the user is logged in as an administrator that has read-only GUI permissions.
To use the API Preview:

  1. Click API Preview. The API Preview pane opens, and the values for the fields are visible (data). If a new object is being created, the POST request is shown.

  2. Enable Show modified changes only to show the modified changes instead of the full configuration in the preview.

  3. Click Copy to Clipboard to copy the JSON code shown on the preview screen to the clipboard.

  4. Click Close to leave the preview.

To edit an IPS sensor:

  1. From the IPS sensor list, select the sensor that you need to edit and then click Edit from the toolbar or double-click on the sensor name in the list. The Edit IPS Sensor window opens.

  2. Edit the information as required and then select OK to save your changes.

Previous
Next