Filter
Top Products
274 Fortinet Inc.
Detecting attacks Network Intrusion Detection System (NIDS)
Figure 80: Example signature group members list
Disabling NIDS attack signatures
By default, all NIDS attack signatures are enabled. You can use the NIDS signature
list to disable detection of some attacks. Disabling unnecessary NIDS attack
signatures can improve system performance and reduce the number of IDS log
messages and alert emails that the NIDS generates. For example, the NIDS detects a
large number of web server attacks. If you do not provide access to a web server
behind your firewall, you might want to disable all web server attack signatures.
To disable NIDS attack signatures
1 Go to NIDS > Detection > Signature List.
2 Scroll through the signature list to find the signature group that you want to disable.
Attack ID numbers and rule names in attack log messages and alert email match
those in the signature group members list. You can scroll through a signature group
members list to locate specific attack signatures by ID number and name.
3 Clear the Enable check box.
4 Select OK.
5 Repeat steps 2 to 4 for each NIDS attack signature group that you want to disable.