Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor II

Seeking Clarification on Network IPS Signature Grouping in Fortinet

Hello Fortinet Community,

I am new to Fortinet and have a question regarding the Network IPS signatures. I've noticed that there are different groups for each signature such as "backdoor," "web_app3," "misc," "operating_system," and so on. However, I couldn't find any detailed descriptions for these groupings in my web search.

For reference, other platforms like Palo Alto provide comprehensive information about their threat signatures grouping (example link: Palo Alto Threat Signatures ), but I'm struggling to locate similar information for Fortinet.

Could someone please help me understand the purpose and specifics of these signature groupings in Fortinet? Any guidance with description or links to relevant documentation would be greatly appreciated.

Thank you in advance for your assistance!

New Contributor II

I'm also curious about the functioning of antivirus logs. Is there a comparable system in place for them?

Top Kudoed Authors