Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ssteo
Staff
Staff

Created on ‎08-22-2021 07:53 AM Edited on ‎08-19-2024 08:50 AM By Community Manager

Article Id 193903

Technical Tip: How to block a signature

Description

 

This article describes how to choose a signature in an IPS profile and change the default action.

 

Scope

 

FortiGate.


Solution

 

  1. Go to Security Profiles -> Intrusion Prevention, select an IPS profile, and select ‘Edit’.

  2. Under ‘IPS Signatures and Filters’, select ‘Create New’.

 

IPS sign.PNG

 

  1. Under the ‘Add signatures’ page, make sure Type is set to ‘Signature’. Search for a signature to block. In this example, it is ‘MS.Windows.Server.HTTP.sys.DoS’. Select that signature and select ‘Add Selected’. Change the ‘Action’ from ‘Default’ to ‘Block’ and select ‘OK’.

 

signature.PNG

 

  1. The signature appears under ‘IPS Signatures and Filters’ with 'Action = Block'. Select ‘OK’ to save.
block1.PNG

 

4839
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.