IPS configuration for RDS gateway and RDP

I hope you're not opening up RDP on a wan facing interface?  That's really way less secure than doing cert and 2FA VPN (IPsec or SSL) to access the network, then RDP from within the VPN.

You can start with the pre-canned IPS profiles to protect servers, but that's just the start.

Beyond that you can search through the IPS definitions to see what's appropriate for your case.  For example, you would want to enable a rate based MS.RDP.Connection.Brute.Force with some pretty low numbers.  Take a look at https://docs.fortinet.com/document/fortigate/6.0.0/handbook/888618/examples for some examples.  

A google search will show a lot of this, with some examples.