There are scenarios where it is necessary to disable/stop/restart the IPS engine to optimize high CPU or memory.

• To verify the status of the IPS engine:

diagnose test application ipsmonitor 1

It is possible to see some status of the IPS engine.

• In the below screenshot, it is possible to see the information to start and stop the IPS engine:

• To stop the IPS engine, run this CLI command:

diagnose test application ipsmonitor 98

Note: IPSEngine will be started if the FortiGate reboots or IPSEngine update is triggered.

• Verify if the IPSEngine is stopped or not:

diagnose sys top 1 20   <----- Ctrl+c to stop debug (by checking whether the daemon is running or not).

diagnose test application ipsmonitor 1  

• In the below screenshot, the information status is missing which was visible in image 1.

• To restart  the IPSengine, run this CLI command:

diagnose test application ipsmonitor 99

• It is also possible to kill the IPS engine with the commands below:
  
  diagnose sys kill 11 <pid>     --> Generates Crash log.
  fnsysctl killall ipsengine      --> Does not generate Crash log.

• To start the IPS engine service back, run the below CLI command:

diagnose test application ipsmonitor 97

• Verify if the IPS engine works or not by running the below CLI command:

diagnose test application ipsmonitor 1