Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
sims
New Contributor III

Created on ‎09-01-2020 12:09 PM

Ips Action Default

Hi

 

 

Ips default action change from  block to monitor, why it is changing in the database also ? 

 

If I need two sensor, in one  I need to block  and the other one I need to monitor 

What is the default action in the signature database ? 

 

Thanks 

2361
0 Kudos
1 REPLY 1
Yurisk
Valued Contributor

Created on ‎09-01-2020 09:48 PM

Default action of most of the signatures is PAss/Monitor, this is done by Fortinet to prevent false positives. Also, it may change per signature basis after an IPS update.

TO control the signature action use Signature Override, which was created exactly for that, such action will not be changed by updated to IPS.

 

Yuri
https://yurisk.info/ blog: All things Fortinet, no ads.


All opinions are mine only.
1793
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.