diff --git a/configs/fortigate/vdom_root/ips.cfg b/configs/fortigate/vdom_root/ips.cfg new file mode 100644 index 0000000..250607a --- /dev/null +++ b/configs/fortigate/vdom_root/ips.cfg @@ -0,0 +1,81 @@ +config ips sensor + edit "g-default" + set comment "Prevent critical attacks." + config entries + edit 1 + set severity medium high critical + next + end + next + edit "g-sniffer-profile" + set comment "Monitor IPS attacks." + config entries + edit 1 + set severity medium high critical + next + end + next + edit "g-wifi-default" + set comment "Default configuration for offloading WiFi traffic." + config entries + edit 1 + set severity medium high critical + next + end + next + edit "all_default" + set comment "All predefined signatures with default setting." + config entries + edit 1 + next + end + next + edit "all_default_pass" + set comment "All predefined signatures with PASS action." + config entries + edit 1 + set action pass + next + end + next + edit "high_security" + set comment "Blocks all Critical/High/Medium and some Low severity vulnerabilities" + set block-malicious-url enable + config entries + edit 1 + set severity medium high critical + set status enable + set action block + next + edit 2 + set severity low + next + end + next + edit "protect_client" + set comment "Protect against client-side vulnerabilities." + config entries + edit 1 + set location client + next + end + next + edit "protect_email_server" + set comment "Protect against email server-side vulnerabilities." + config entries + edit 1 + set location server + set protocol SMTP POP3 IMAP + next + end + next + edit "protect_http_server" + set comment "Protect against HTTP server-side vulnerabilities." + config entries + edit 1 + set location server + set protocol HTTP + next + end + next +end