- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Intrusion Protection Log show heartbeat information attack
Hi,
Is anyone know that what is this log mean
I'm encounter with this log in my fortigate 100D , I already enable IPS, AV, Web filtering. Is this attack need to worried ?
What should I do with me fortigate 100D
Thanks
Millibhu
- « Previous
-
- 1
- 2
- Next »
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi vjoshi_FTNT,
I was accidentally change the default IPS mode from Filter based to Specify signatures as below screenshot
and the severity is gone , how could I change it back to Filter based
Thanks
Millibhu
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Try the below CLI:
FGT # config ips sensor FGT (sensor) # edit default FGT (default) # config entries FGT (entries) # edit 1 FGT (1) # unset rule FGT (1) # next FGT (entries) # end FGT (default) # end
And then look at the GUI, it should show the default type.
Millibhu wrote:Hi vjoshi_FTNT,
I was accidentally change the default IPS mode from Filter based to Specify signatures as below screenshot
and the severity is gone , how could I change it back to Filter based
[attachImg]https://forum.fortinet.com/download.axd?file=0;127244&where=message&f=default 2.jpg[/attachImg]
Thanks
Millibhu
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Vjoshi,
I already follow your instruction
This should be sufficient right
Thank for helping
Millibhu
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Millibhu,
If you have less firewall policy, a quick solution would be to create a new sensor and create filter based sensor with Signature defaults and replace the previous sensor with the new one on the Firewall policies.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
That looks to be good. Just monitor it and check the logs.
By the way, packet logging is not needed in this case.
- « Previous
-
- 1
- 2
- Next »