Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
tom1o
New Contributor

IDS in Sniffer mode should detect certain protocols only

I need to know how I can establish following configuration.

1. IDS in sniffer mode on one port (done and working)

2. I sniff the whole network traffic (done and working)

3. I want to sniff the network for all protocols but NTP or RDP shall not create an alarm or entry in the Syslog. I want to create a whitelist of protocols which are allowed in my network. All other shall create an alram. (i dont know to procede not done ) 

 

Can somebody support me in that task??? I would be very grateful.

 

Exist some cockbook or configuration manual which deals with that topic? I searched a lot but I couldnt find something which is matching to my problem.

 

Best Wishes 

 

tom1o

0 REPLIES 0
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors