Technical Tip: How to apply UTM security profiles on FortiGate interfaces
Description
This article describes How to apply UTM security profiles on FortiGate interfaces.
Solution
Without UTM security profiles assigned to FortiGate interface:
In this example, IPS Sensor was used but other UTM security profiles can be bind to the firewall interface policy as well.
Solution.
FortiGate.
This article describes How to apply UTM security profiles on FortiGate interfaces.
Solution
Without UTM security profiles assigned to FortiGate interface:
Solution.
FortiGate.
# config ips customResults.
edit "102613"
set signature "F-SBID( --attack_id 4976; --name \"HTTP.OPTIONS.LEMUEL\"; --service HTTP; --flow from_client; --pattern \"OPTIONS \"; --context uri; --no_case; --within 8,context; )"
set severity critical
set action block
set comment ''
next
end
# config ips sensor
edit "IPS_Filter"
set block-malicious-url enable
set scan-botnet-connections block
# config entries
edit 1
set rule 4976
set status enable
set action block
set quarantine attacker
set quarantine-expiry 1d
next
end
next
end
# config firewall interface-policy
edit 1
set interface "wan1"
set srcaddr "all"
set dstaddr "all"
set service "ALL"
set ips-sensor-status enable
set ips-sensor "IPS_Filter"
next
end
Related Articles