Some helpful info here too, on the native IPS features:
https://help.fortinet.com/fos50hlp/56/Content/FortiOS/fortigate-security-profiles/IPS/Enable%20IPS%20scanning.htm
I'm interested in doing this too. Did you ever find out how? For now I'm
manually blocking IPs/subnets with a Local-in-policy but that's
reactive. Create an address group called "BLOCK-ME" or label of your
choice, then use SSH or CLI to edit the loca...
Looks to me like this part should work for basic wan1 mirroring, however
I'm unable to add wan1 to the members, or select as a source: config
system switch-interface edit "mirror" set member port5 wan1 set span
enable set vdom root set span-dest-port...
Working on similar for a 201e firewall. I don't see the options in the
GUI, however the CLI seems to support the commands. However, it won't
let me use wan1 as a member, or a span source. Also, my switch ports (13
and 14) are an aggregate, so I am un...