Hi, I want to allow FTP clients in my LAN to connect to FTP servers
outside over TLS. The server is listening in port 21 but after the
initial communication client and server must communicate in a high port,
but it seems the Fortigate doesn't open th...
I am using IPS signatures filtered by operating system and target =
Client to protect my clients.I thought that with this policy I could
prevent and detect botnets and attacks to my clients when they browse
the Internet.But now I see that most Botnet...
Hi, I would like to protect an streaming server, a Wowza server. It uses
RTMP (TCP 1935) for streaming. What filters do I have to use in the
IPS?I don't find RTMP protocol in the IPS filters, does it mean that I
can not do anything?Thanks
It seems my ips engine never udpdates. I have Fortigate 5.6.6 with IPS
engine Version 3.00538Fortigate announces updates, are they automatic?
what do I have to do? what is the normal procedure to update IPS?I don't
have any problem with the IPs but I...
So do you create an outbound policy with all allowed protocols and apply
an IPS sensor for all protocols (including SSL and HTTPS) and
certification inspection to the policy. Is this correct?Or is it better
to separate into 2 policies: one for unencr...
Yes, I think Fortigate IPS is not easy to understand and it needs to
improve his documentation and some areas.For example, for outbound
traffic, how do you configure SSL and HTTPS in the IPS? Do you have SSL
and HTTPS in another policy with a differe...
totally agreeAdding manually is impossible to manage, it's like an
antivirus without updates.Maybe, it's better to add client and server to
the protect_client IPS profile for outbound traffic. In this case, the
drawback can be the performance
