The FortiGuard IP Reputation service provides a database of known compromised or malicious client IP addresses. The database is updated periodically.
The IP Reputation configuration allows you to specify the action the system takes when an SLB virtual server receives traffic from a client with an IP address on the list. Table 60 lists limitations for IP Reputation actions.
Action | Profile Limitations | |
---|---|---|
Pass |
IPv4 only |
Not supported for RADIUS. |
Deny |
IPv4 only |
Not supported for RADIUS. |
Redirect |
IPv4 only |
Not supported for RADIUS, FTP, TCP, UDP. |
Send 403 Forbidden |
IPv4 only |
Not supported for RADIUS, FTP, TCP, UDP. |
Note: IP Reputation is also not supported for Layer 4 virtual servers when the Packet Forwarding Mode is Direct Routing.
Before you begin:
Settings | Guidelines |
---|---|
Category |
Depending the configuration on ForitGuard IP Reputation service, the IP reputation policy can be one of the following categories:
|
Status |
Enable or disable the category. |
Action |
Note: Layer 4 and TCPS virtual servers do not support Redirect or Send 403 Forbidden. If you apply an IP Reputation configuration that uses these options to a Layer 4 or TCPS virtual server, FortiADC logs the action as Redirect or Send 403 Forbidden but in fact denies the traffic. |
Severity |
The severity to apply to the event. Severity is useful when you filter and sort logs:
|
Log |
Eable or disable logging. |