Fortinet FortiGate 50A User Manual Page 222
- Page / 272
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
222 Fortinet Inc.
Logging attacks Network Intrusion Detection System (NIDS)
To set Prevention signature threshold values
1 Go to NIDS > Prevention.
2 Select Modify beside the signature for which you want to set the Threshold value.
Signatures that do not have threshold values do not have Modify icons.
3 Type the Threshold value.
4 Select the Enable check box.
5 Select OK.
Logging attacks
Whenever the NIDS detects or prevents an attack, it generates an attack message.
You can configure the system to add the message to the attack log.
• Logging attack messages to the attack log
• Reducing the number of NIDS attack log and email messages
Logging attack messages to the attack log
To log attack messages to the attack log
1 Go to Log&Report > Log Setting.
2 Select Config Policy for the log locations you have set.
3 Select Attack Log.
4 Select Attack Detection and Attack Prevention.
5 Select OK.
Reducing the number of NIDS attack log and email messages
Intrusion attempts might generate an excessive number of attack messages. Based
on the frequency that messages are generated, the FortiGate unit automatically
deletes duplicates. If you still receive an excessive number of unnecessary
messages, you can manually disable message generation for unneeded signature
groups.
Automatic message reduction
The attack log and alert email messages that the NIDS produces include the ID
number and name of the attack that generated the message. The attack ID number
and name in the message are identical to the ID number and rule name that appear
on the NIDS Signature Group Members list.
Note: For information about log message content and formats, and about log locations, see the
FortiGate Logging and Message Reference Guide.
- Installation and 1
- Configuration Guide 1
- Table of Contents 3
- 4 Fortinet Inc 4
- 6 Fortinet Inc 6
- 8 Fortinet Inc 8
- 10 Fortinet Inc 10
- Contents 11
- 12 Fortinet Inc 12
- Introduction 13
- Document conventions 14
- Fortinet documentation 15
- 16 Fortinet Inc 16
- Getting started 17
- Package contents 18
- Mounting 18
- Powering on 19
- 20 Fortinet Inc 20
- 22 Fortinet Inc 22
- 24 Fortinet Inc 24
- Strict content profile 25
- 26 Fortinet Inc 26
- Scan content profile 26
- Web content profile 26
- Unfiltered content profile 27
- NAT/Route mode 27
- 28 Fortinet Inc 28
- Transparent mode 28
- Configuration options 28
- Setup wizard 28
- 30 Fortinet Inc 30
- Next steps 31
- 32 Fortinet Inc 32
- NAT/Route mode installation 33
- 34 Fortinet Inc 34
- Using the setup wizard 35
- 36 Fortinet Inc 36
- FortiGate-50A 37
- Configuring your networks 38
- Completing the configuration 38
- 40 Fortinet Inc 40
- Transparent mode installation 41
- Changing to Transparent mode 43
- 46 Fortinet Inc 46
- General configuration steps 47
- 48 Fortinet Inc 48
- CLI configuration steps 48
- 50 Fortinet Inc 50
- 52 Fortinet Inc 52
- System status 53
- 54 Fortinet Inc 54
- 56 Fortinet Inc 56
- 58 Fortinet Inc 58
- 60 Fortinet Inc 60
- 62 Fortinet Inc 62
- Backing up system settings 64
- Restoring system settings 64
- Changing to NAT/Route mode 66
- Restarting the FortiGate unit 66
- 68 Fortinet Inc 68
- System status System status 69
- Session list 70
- 72 Fortinet Inc 72
- 74 Fortinet Inc 74
- Scheduling updates 76
- Adding an override server 77
- Enabling push updates 78
- 80 Fortinet Inc 80
- 82 Fortinet Inc 82
- Registering FortiGate units 83
- 84 Fortinet Inc 84
- FortiCare Service Contracts 84
- 86 Fortinet Inc 86
- 88 Fortinet Inc 88
- 90 Fortinet Inc 90
- 92 Fortinet Inc 92
- Network configuration 93
- 94 Fortinet Inc 94
- Viewing the interface list 94
- 96 Fortinet Inc 96
- 98 Fortinet Inc 98
- Configuring routing 100
- 102 Fortinet Inc 102
- Configuring the routing table 102
- Policy routing 103
- Configuring DHCP services 104
- Configuring a DHCP server 105
- 106 Fortinet Inc 106
- 108 Fortinet Inc 108
- Configuring modem settings 108
- Disconnecting the modem 109
- 110 Fortinet Inc 110
- Viewing modem status 110
- Backup mode configuration 110
- Standalone mode configuration 110
- 112 Fortinet Inc 112
- RIP configuration 113
- 114 Fortinet Inc 114
- 116 Fortinet Inc 116
- Adding RIP filters 117
- 118 Fortinet Inc 118
- 120 Fortinet Inc 120
- System configuration 121
- Changing system options 122
- 124 Fortinet Inc 124
- Configuring SNMP 125
- 126 Fortinet Inc 126
- 4 Select Apply 127
- 128 Fortinet Inc 128
- FortiGate MIBs 128
- FortiGate traps 129
- General FortiGate traps 129
- System traps 129
- Firewall configuration 131
- Replacement messages 133
- 134 Fortinet Inc 134
- Customizing alert emails 134
- NIDS event 135
- Virus alert 135
- Block alert 135
- 136 Fortinet Inc 136
- 138 Fortinet Inc 138
- Addresses 138
- Services 139
- Schedules 139
- Content profiles 139
- Adding firewall policies 140
- 142 Fortinet Inc 142
- VPN Tunnel 142
- Traffic Shaping 142
- Authentication 143
- Anti-Virus & Web filter 143
- Configuring policy lists 144
- Policy matching in detail 145
- Adding addresses 147
- 148 Fortinet Inc 148
- Editing addresses 148
- Deleting addresses 148
- 150 Fortinet Inc 150
- 152 Fortinet Inc 152
- Adding custom ICMP services 153
- Adding custom IP services 153
- Grouping services 153
- Creating one-time schedules 155
- Creating recurring schedules 155
- 156 Fortinet Inc 156
- Adding schedules to policies 156
- Virtual IPs 157
- 158 Fortinet Inc 158
- Adding static NAT virtual IPs 158
- 160 Fortinet Inc 160
- IP pools 161
- 162 Fortinet Inc 162
- Adding an IP pool 162
- IP pools and dynamic NAT 162
- IP/MAC binding 163
- 164 Fortinet Inc 164
- Adding IP/MAC addresses 165
- Enabling IP/MAC binding 165
- Default content profiles 167
- Adding content profiles 167
- 168 Fortinet Inc 168
- 170 Fortinet Inc 170
- Users and authentication 171
- 172 Fortinet Inc 172
- Configuring RADIUS support 174
- Configuring LDAP support 175
- 176 Fortinet Inc 176
- Deleting LDAP servers 176
- Configuring user groups 177
- 178 Fortinet Inc 178
- Deleting user groups 178
- IPSec VPN 179
- Key management 180
- Manual key IPSec VPNs 181
- AutoIKE IPSec VPNs 182
- IPSec VPN AutoIKE IPSec VPNs 183
- 184 Fortinet Inc 184
- Configuring advanced options 185
- 186 Fortinet Inc 186
- 188 Fortinet Inc 188
- Managing digital certificates 190
- 6 Configure the key 191
- 192 Fortinet Inc 192
- Obtaining CA certificates 192
- Configuring encrypt policies 193
- 194 Fortinet Inc 194
- Adding a source address 194
- Adding a destination address 194
- Adding an encrypt policy 195
- IPSec VPN concentrators 196
- 198 Fortinet Inc 198
- Adding a VPN concentrator 198
- 200 Fortinet Inc 200
- Viewing VPN tunnel status 201
- 202 Fortinet Inc 202
- Testing a VPN 202
- PPTP and L2TP VPN 203
- 204 Fortinet Inc 204
- 206 Fortinet Inc 206
- 208 Fortinet Inc 208
- Configuring L2TP 209
- 210 Fortinet Inc 210
- 212 Fortinet Inc 212
- 214 Fortinet Inc 214
- Detecting attacks 215
- 216 Fortinet Inc 216
- Viewing the signature list 217
- Viewing attack descriptions 217
- 218 Fortinet Inc 218
- Preventing attacks 220
- Logging attacks 222
- Manual message reduction 223
- 224 Fortinet Inc 224
- Antivirus protection 225
- Antivirus scanning 226
- File blocking 227
- 228 Fortinet Inc 228
- Viewing the virus list 229
- 230 Fortinet Inc 230
- Web filtering 231
- Content blocking 232
- Clearing the Banned Word list 233
- 234 Fortinet Inc 234
- URL blocking 235
- 236 Fortinet Inc 236
- Uploading a URL block list 236
- 238 Fortinet Inc 238
- Adding a Cerberian user 238
- Script filtering 240
- Exempt URL list 241
- 242 Fortinet Inc 242
- Uploading a URL Exempt List 242
- 244 Fortinet Inc 244
- Email filter 245
- Email banned word list 246
- Email block list 248
- Email exempt list 249
- Adding a subject tag 250
- Logging and reporting 251
- 252 Fortinet Inc 252
- Filtering log messages 253
- Configuring traffic logging 254
- Enabling traffic logging 255
- 256 Fortinet Inc 256
- Adding traffic filter entries 256
- Configuring alert email 257
- 258 Fortinet Inc 258
- Testing alert email 258
- Enabling alert email 258
- Glossary 259
- 260 Fortinet Inc 260
- Glossary 261
- 262 Fortinet Inc 262
- 264 Fortinet Inc 264
- 266 Fortinet Inc 266
- 268 Fortinet Inc 268
- 270 Fortinet Inc 270
- 272 Fortinet Inc 272
Related products and manuals for Hardware Fortinet FortiGate 50A
Hardware Fortinet FortiGate 620B User Manual
(62 pages)
(62 pages)
Hardware Fortinet FortiGate 100 User Manual
(272 pages)
(272 pages)
Hardware Fortinet FortiGate 5020 User Manual
(14 pages)
(14 pages)
Hardware Fortinet FortiLog-400 User Manual
(124 pages)
(124 pages)
© 2020, manymanuals.com. All rights reserved. | 1.101 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals