Cisco threat-detection shun - How to do it on Forti-OS 6.0.6 100F

Author
brfrankl
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/08/14 09:27:56
  • Status: offline
2019/08/14 09:37:35 (permalink)
0

Cisco threat-detection shun - How to do it on Forti-OS 6.0.6 100F

We are exchanging a Cisco ASA 5010 for a Fortigate 100F and want to configure the same rules/features as the Cisco had.  One thing that we have not been able to find is the equivalent to Cisco threat-detection basic (and shun exceptions)..  Can someone point me in the right direction?   We didn't buy any additional licenses/features so this is just the plain 100F.
 
Here is the example from the Cisco
 
threat-detection basic-threat
threat-detection scanning-threat shun except ip-address 10.10.10.0 255.255.255.0
threat-detection scanning-threat shun except ip-address 10.10.10.0 255.255.255.0
threat-detection scanning-threat shun except ip-address 10.10.11.0 255.255.255.0
threat-detection scanning-threat shun except ip-address 172.20.100.0 255.255.255.0
threat-detection scanning-threat shun except ip-address 172.20.105.0 255.255.255.0
threat-detection scanning-threat shun except ip-address 192.168.0.0 255.255.248.0
threat-detection scanning-threat shun except ip-address 192.168.8.0 255.255.248.0
threat-detection scanning-threat shun except ip-address 10.10.12.0 255.255.255.0
threat-detection scanning-threat shun except object-group AV_HOSTS
threat-detection scanning-threat shun duration 300
threat-detection statistics
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
 
TIA
Brian
#1

0 Replies Related Threads

    Jump to:
    © 2019 APG vNext Commercial Version 5.5