FortiGate Firewall HOW-TO - IPS & DOS protection

0 %
100 %
Information about FortiGate Firewall HOW-TO - IPS & DOS protection

Published on March 18, 2014

Author: ipmaxsrl



In this lesson, we will show you how to enable the #IPS features and enable #DOS policy onto the #FortiGate #firewall. Stay with us!


INTRODUCTION In the enterprise environment is usual to have one or more public servers offering web services and more. This servers are internally placed in DMZs (discussed in a previous post), but the DMZs alone don’t provide all security features to keep servers protected by external attacks. Attacks to these servers usually exploit known software vulnerabilities and use common tricks, so a system able to detect and block them could be a valid countermeasure to this kind of attacks. A system that can monitor and detect network attack is called Intrusion Detection System (IDS), a system able to block them is called Intrusion Prevention System (IPS). In the following slides we will show you how to enable the IPS features onto the FortiGate firewall.

CONFIGURING IPS As other UTM functionalities, the IPS bases itself on Security Profiles and sensors. Go to Security Profiles > Intrusion Protection > IPS Sensors and click the plus icon in the upper right corner of the window to create a new sensor. Give it a name and click onto the OK button. Now we have to crate a new IPS filter, choosing which vulnerabilities to monitor and block. Because we are protecting a server, we could restrict the list of recognized vulnerabilities using the Target and OS check boxes. See next slide to see a picture of the IPS filter configuration.

CONFIGURING IPS - CONTINUED Because we aim to block attacks instead only monitoring them, we must select “Block All” at the end of the page. As seen in the previous post, every security profile needs to be applied in a security police. Go to Policy > Policy > Policy and edit your policy that permits the DMZ to be reached from the Internet, then add the just created IPS security profile.

CONFIGURING DOS PROTECTION DOS attacks tend to overwhelm server resources with a huge amount of connections. To avoid this kind of attack a DOS policy is required. Before creating the DOS policy, make sure your FortiGate Firewall has the Vulnerability Scan feature enabled. To enable it go to System > Config > Feature and click the ON button. Finally go to Policy > Policy > DoS Policy and create a new policy with incoming interface your Internet facing port; then set source IP, destination IP and service to “All” in order to intercept any attack on that port. Finally, in the Anomaly List you could set attack types you want to detect and block. Make sure to select the Block action.

MORE NEEDS? See hints on Or email us your questions to

IPMAX IPMAX is a Fortinet Partner in Italy. IPMAX is the ideal partner for companies seeking quality in products and services. IPMAX guarantees method and professionalism to support its customers in selecting technologies with the best quality / price ratio, in the design, installation, commissioning and operation. IPMAX srl Via Ponchielli, 4 20063 Cernusco sul Naviglio (MI) – Italy +39 02 9290 9171

Add a comment

Related presentations

Presentación que realice en el Evento Nacional de Gobierno Abierto, realizado los ...

In this presentation we will describe our experience developing with a highly dyna...

Presentation to the LITA Forum 7th November 2014 Albuquerque, NM

Un recorrido por los cambios que nos generará el wearabletech en el futuro

Um paralelo entre as novidades & mercado em Wearable Computing e Tecnologias Assis...

Microsoft finally joins the smartwatch and fitness tracker game by introducing the...

Related pages

Fortinet Video - Watch: Protect Server IPS/DoS

Fortinet Video Library. ... What to Watch; Products; Channels; Playlists; Protect Server IPS/DoS ... How to Fix FortiGate & FortiAnalyzer Logging Issues
Read more

FortiGate Firewall HOW-TO - IPS & DOS protection - Technology

FORTIGATE FIREWALL HOW TO IPS AND DOS PROTECTION ; INTRODUCTION In the enterprise environment is usual to have one or more ...
Read more

How Do I Protect Against External Attacks? | Fortinet Blog

How Do I Protect Against External ... While IPS targets attackers attempting to bypass your firewall, DoS protection deals with ... How to protect your ...
Read more

FortiGate Cookbook - Protect Server IPS/DoS (5.2) - YouTube

In this video, you will protect a web server against external attacks, using a FortiGate with an Intrusion Prevention System (IPS) profile and a ...
Read more

FortiGate DoS Protection

FortiGate DoS Protection ... helps in blocking DoS attacks, and offers suggestions on how to ... drops DoS packets before requiring firewall policy ...
Read more

Protect Web Server IPS/DoS (Video) - FortiGate Cookbook

... you will protect a web server against external attacks, ... How to work with Fortinet Support; ... Protect a web server with IPS/DoS policy (Video ...
Read more

Inside FortiOS: Denial of Service (DoS)

Denial of Service (DoS) Protection ... a complement to signature-based IPS protection, ... Firewall etc. Out of Band FortiGate unit DoS Port 2 Port 1 Port ...
Read more


How to Buy; Threat Assessment ... Fortinet's Advanced Threat Protection (ATP) ... Internal Segmentation Firewall; Advanced Threat Protection; Data Center ...
Read more