Contributor II

IPS filter on Policy ID with multiple protocols


I have the following question.

Let's assume we have a firewall policy permitting Windows Active Directory traffic (which results in various TCP and UDP protocols).

If, for example, I create an IPS filter containing these protocols, when requests reach the firewall, will all traffic be inspected by the IPS filter for any of the protocols, OR

example: if it is DNS traffic, will only DNS-related IPS signatures scan the packets?


Example: One IPS filter for DNS + LDAP + NTP + ICMP

If, for example, I ping an IP address, matching a rule with this IPS filter, will the packet be inspected for all the protocols above or ICMP only?



If all else fails, use the force !

Esteemed Contributor III

As in the flow diagram, it wouldn't look for UTM profiles, and then execute inspections, until the traffic matches a policy. If the matching policy doesn't have UTM configured, the inspection based on the profile never happens.
