Hi, I have been working on a demo project and am trying to configure IPS on my fortigate. I had to turn the feature on and I can configure a fw policy with the profiles. I am very new to firewalls and I have not placed the ips sensors on all the correct policies. I want to modify those policies but when i go into them they no longer have options to change the security stuff(av, webfiltering, ips, ect) do I have to delete the rule and recreate it every time or is there a way to edit?
Solved! Go to Solution.
Hello
Try not change the default profile. Always create your own and edit them as needed. I think is better do so.
If you are not familiar with security profiles, like IPS, App and so, just use the default profiles, they are good ones.
Hello
Try not change the default profile. Always create your own and edit them as needed. I think is better do so.
If you are not familiar with security profiles, like IPS, App and so, just use the default profiles, they are good ones.
Thanks for the quick response, I am about to go up there to try this out. Can you guide me on where to put the sensors? I know they should go on any policy going to the Webserver DMZ, I Have no policies allowing other traffic into the network except for vpn. Do my internet access policies for internal users need IPS? what about my tunnels?
I'd suggest to set IPS for the following policies in order of priority.
For the last one (internal server to internal server) we "usually" avoid UTM profiles for traffic that requires high performance, e.g.: from some App server to some DB server.
When starting with IPS you can use the default profile since its good one for almost all cases, then once you get familiar with configuring IPS profile (read from admin guide) you can optimize your own, e.g.: using filters like Client, Server, Severity and so ...
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.