scsd/scsd-configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fortigate/vdom_root/ips.cfg Wed Oct 15 08:27:19 PM EDT 2025

Browse Source
This commit is contained in:
John Poland 2025-10-15 20:27:20 -04:00
parent 516db9d8f6
commit f31b798a06
1 changed files with 81 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

81
configs/fortigate/vdom_root/ips.cfg Normal file
View File

@ -0,0 +1,81 @@
config ips sensor
edit "g-default"
set comment "Prevent critical attacks."
config entries
edit 1
set severity medium high critical
next
end
next
edit "g-sniffer-profile"
set comment "Monitor IPS attacks."
config entries
edit 1
set severity medium high critical
next
end
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
config entries
edit 1
set severity medium high critical
next
end
next
edit "all_default"
set comment "All predefined signatures with default setting."
config entries
edit 1
next
end
next
edit "all_default_pass"
set comment "All predefined signatures with PASS action."
config entries
edit 1
set action pass
next
end
next
edit "high_security"
set comment "Blocks all Critical/High/Medium and some Low severity vulnerabilities"
set block-malicious-url enable
config entries
edit 1
set severity medium high critical
set status enable
set action block
next
edit 2
set severity low
next
end
next
edit "protect_client"
set comment "Protect against client-side vulnerabilities."
config entries
edit 1
set location client
next
end
next
edit "protect_email_server"
set comment "Protect against email server-side vulnerabilities."
config entries
edit 1
set location server
set protocol SMTP POP3 IMAP
next
end
next
edit "protect_http_server"
set comment "Protect against HTTP server-side vulnerabilities."
config entries
edit 1
set location server
set protocol HTTP
next
end
next
end