No IPS log or Anomaly log recorded

Forum|Forum|2 years ago
February 4, 2024
1 reply
4446 views

Dears

Greeting

I had Fortigate 201F and 201E but we noitced no logs are recorded for IPS and Anomaly on device take in mind both features are enabled so plz could u advise

Bests

FortiGate

AEK

SuperUser

Hello Mustapha

First, make you enabled the required logs:

Enable All traffic logs under Log & Report > Log Setting
Enable All traffic logs at policy level where you have enabled IPS and AV profiles

Try to download a dummy virus file like eicar, here FG should block it and you should find the log under Log & Setting > AV.

In case you didn't enable SSL deep inspection then you will only catch viruses and attacks under http and other unencrypted protocols.

So if you want to catch viruses and attacks under https you need to enable SSL deep inspection.

AEK

MustphaBassimAuthor

New Member

Hello Dear and thnx for reply

if i enable deep insepection i need to put the SSL certication on the firewall itself and put FG firewall certication on servers/clients , any approch for going that without putting the SSL certication ?

Bests

AEK

SuperUser

Hello

You have choice between two options:

Use FG embedded certificate and push it to your clients via GPO
Or use your domain private certificate: put a subordinate CA cert on FG

https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/680736/microsoft-ca-deep-packet-inspection

AEK

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded