IPS for Ebanking website

Forum|Forum|7 years ago
August 5, 2018
1 reply
5337 views

Hello Guys,

My customer has a Fortigate 1500d protecting its ebanking website ( server has SSL certificate)

He wants to deploy IPS for this ebanking.

Can you please advise if this is feasible without having certificate errors?

Marine25Author

New Member

Hello ,

Any ideas?

Thanks

crispy

New Member

You really want to be using a WAF for protecting a site like that. IPS is going to detect know exploits and by all means should be enabled. However you really should be looking at the requests for xss and other hacking and exploits. Although the Fortigate has a basic WAF function, it is not really suited to what you are wanting to use it for. You would end up with many false positives most likely causing everyone grief.

Marine25Author

New Member

We are indeed including a WAF in the design (Barracuda). It will sit after the fortigate.

I wanted to add two layers of security: IPS + WAF.

But to achieve that i will need to install the private keys + the Cert on the fortigate. Is that correct?

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded