FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
nmerchant
Staff
Staff

Description
This article describes how to create and re-order entries in IPS profile through FortiManager.

Solution

a)    Create an IPS profile, add an IPS filter to monitor signatures with medium, high and critical severity and enable a Rate Based Signature.
 
This is done under Policy & Objects > Object Configurations > Security Profiles > Intrusion Prevention.
 
Use the IPS profile in the appropriate policy.
 
 
b)    On the policy install preview, the IPS filter entry is above the Rate Based Signature entry.
 
 
 
c)    To re-order such that the Rate Based Signature is above the IPS filter entry, create a CLI script as the following to run on Policy package or ADOM Database.
 
 
 
 
d)    Run the script on the appropriate policy package.
 
 
e)    The install preview will now show the re-ordering as below.
 
f)    Push the policy package to the appropriate device.
 
Note: Any changes to the IPS profile will require modifying the script accordingly and running it on the policy package before the package is pushed to the device.
Contributors