Creating the IPS Security Profile
This is by no means the only way to set up this IPS filter, but it is the way that the fictional System Administrator wants it set up. Yours may be different.
1. Go to Security Profiles -> Intrusion Protection -> IPS Sensors.
2. Create a new sensor
Name | A-V_Conference-incoming |
3. Select OK
4. In the newly created sensor, create a new IPS filter.
Sensor Type | Filter Based |
Filter Options | Advanced |
Severity | • Critical • High • Medium • Low |
Target | • Server |
OS | • Windows |
Application | • IIS • other |
Protocol Use the [Show more...] option | • HTTP • LDAP • SIP • SSL • H323 |
Packet logging | • enabled |
Based on these filters there should be somewhere in the neighborhood of 750 signatures that the FortiGate will run traffic against in the IPS engine.