Intrusion Prevention System (IPS) technology protects the network from attacks by seeking and blocking external threats before they reach network devices. Fortinet uses a customizable database of threats to enable FortiGate and FortiWiFi appliances to stop attacks that evade near the firewall. It enables the system to recognize threats for which no signature has been developed.
Fortinet’s IPS Engine protects the organization with precision and accuracy. It helps to know unknown network-threats and regularly updates real-time and zero-day signatures. This adds more protection with advanced threat protection and strong authentication solutions. With this it would provide greater visibility and control over applications, users, and devices to flexibly deploy using IPS Sensors.
ü IPS sensors apply appropriate IPS signatures to different protection profiles.
ü Enables logging and alert email to maintain user awareness of attacks on the network.
ü It ignores sessions after a set amount of traffic has passed.
ü Low latency and high capacity ensure business applications are not affected while security is enforced.
ü Protects critical digital resources from both internal exploits and external cybercriminals.
Fortinet IPS offers a wide range of tools to monitor and block malicious activity. These tools are predefined signatures, protocol decoders, custom signature entries, packet logging, and IPS sensors. IPS sensors allow or blocks traffic depending on what is stated in the network.
Predefined signatures are provided to Fortinet through the FortiGuard network. These signatures are used to detect attacks against unpatched operating system vulnerabilities to invalid checksums in UDP packets. The FortiGuard IPS vulnerability database keeps up-to-date with protection for new attacks.
Protocol decoders identify abnormal traffic patterns that do not meet the protocol requirements and standards. For example, the HTTP decoder monitors traffic to identify any HTTP packets that do not meet the HTTP protocol standard.
Packet logging can be used to save packets matched by one or more IPS signatures. The packets are saved as log messages and packet contents can be viewed and analyzed using log message analysis tools.
Fortinet service provider network supports many different applications, protocols and operating systems at the same time. This diverse infrastructure results in delays and systems that are vulnerable for evolving threats.
The combination of known and unknown threat prevention enables FortiGate systems to stop the most damaging attacks near the network regardless of whether the network is wired or wireless, or whether it is at corporate headquarters or a branch office.