Hello Guys,
My customer has a Fortigate 1500d protecting its ebanking website ( server has SSL certificate)
He wants to deploy IPS for this ebanking.
Can you please advise if this is feasible without having certificate errors?
Hello ,
Any ideas?
Thanks
You really want to be using a WAF for protecting a site like that. IPS is going to detect know exploits and by all means should be enabled. However you really should be looking at the requests for xss and other hacking and exploits. Although the Fortigate has a basic WAF function, it is not really suited to what you are wanting to use it for. You would end up with many false positives most likely causing everyone grief.
We are indeed including a WAF in the design (Barracuda). It will sit after the fortigate.
I wanted to add two layers of security: IPS + WAF.
But to achieve that i will need to install the private keys + the Cert on the fortigate. Is that correct?
Sorry for the late reply. You have probably already worked it out, but yes you would need to install the cert and key on the fortigate.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.