This application requires Javascript for optimal performance.

Intrusion Prevention

The FortiGuard Intrusion Prevention Service provides Fortinet customers with the latest defenses against stealthy network-level threats. It uses a customizable database of more than 4000 known threats to enable FortiGate and FortiWiFi appliances to stop attacks that evade conventional firewall defenses. It also provides behavior-based heuristics, enabling the system to recognize threats for which no signature has yet been developed.

The combination of known and unknown threat prevention enables FortiGate systems to stop the most damaging attacks at the network border regardless of whether the network is a wired, wireless, partner extranet, or branch office network connection.

Additionally, the FortiGuard IPS provides more than 1000 application identity signatures for complete application control. IPS signature updates are provided quickly via the global FortiGuard distribution network.

Resources

FortiGuard Encyclopedia

FortiGuard Encyclopedia contains detailed descriptions of known viruses, spyware, vulnerabilities and applications.
Read more

Security Research

Papers and presentations from the FortiGuard Global Threat Research Team, updates on the latest Intrusion Prevention techniques.
Read more

Severity Levels

Learn how the FortiGuard Global Threat Research Team provides severity rating on the coverage of vulnerabilities.
Read more

IPS feedIPS Updates

3.144 ( Released: Feb 2, 2012 23:15:00 )

New ( 1 )
  • Soda.PDF.Professional.PDF.WWF.File.Parsing.Remote.DoS (low)
Enhanced ( 2 )
  • Kerberos.Spoofing (high)
  • MS.IIS.Malformed.File.Extension.Handling.DoS (medium)

3.143 ( Released: Feb 1, 2012 23:33:00 )

New ( 5 )
  • Adobe.Flashplayer.Authplay.Remote.Code.Execution (critical)
  • Apache.HTTP.Server.ByteRange.DoS (medium)
  • Mozilla.URL.Encode.Stack.Buffer.Overflow (critical)
  • ProFTP.Welcome.Message.Overflow (high)
  • Rosoft.Player.M3U.Buffer.Overflow (medium)
Enhanced ( 7 )
  • Aol.Desktop.Rtx.Buffer.Overflow (high)
  • FTP.NLST.Directory.Traversal (low)
  • Jcow.CMS.PHP.Remote.Code.Execution (high)
  • MS.IE.FTP.Client.Folder.Traversal (high)
  • MS.Windows.ATMFD.Font.Driver.Remote.Code.Execution (critical)
  • MS.Windows.Media.Library.ASF.File.Buffer.Overflow (critical)
  • MS.Windows.Media.MIDI.Remote.Code.Execution (critical)
Deprecated ( 2 )
  • MS.IE.FTP.Client.Directory.Traversal (high)
  • Waledac.Botnet.CC (critical)

3.142 ( Released: Jan 31, 2012 23:41:00 )

New ( 18 )
  • Apple.QuickTime.JPEG2000.COD.Length.Integer.Underflow (critical)
  • Cisco.Mutiple.Products.File.Parameter.Directory.Traversal (high)
  • Citrix.Provisioning.Services.Multiple.OpCodes.Integer.Underflow (critical)
  • Citrix.Provisioning.Services.streamprocess.exe.Integer.Overflow (high)
  • CyberLink.Multiple.Products.File.Project.Buffer.Overflow (high)
  • HP.Diagnostics.magentservice.exe.Remote.Code.Execution (critical)
  • HP.Easy.Printer.Care.ActiveX.Control.Remote.Code.Execution (high)
  • HP.ProtectTools.Device.Access.Manager.ActiveX.Buffer.Overflow (high)
  • ISC.DHCP.Server.DHCPv6.NULL.Pointer.Dereference (medium)
  • Microsys.PROMOTIC.Project.File.Handling.Remote.Code.Execution (medium)
  • Nagios.XI.Multiple.HTTP.XSS (medium)
  • Optima.APIFTP.Multiple.DoS (medium)
  • Oracle.9IAS.OracleJSP.Information.Disclosure (medium)
  • Oracle9i.HTTP.Server.Web.Administration.Access.Authentication (medium)
  • PHP.Exif.Header.Parsing.Integer.Overflow (medium)
  • Siemens.SIMATIC.WinCC.Flexible.HmiLoad.Multiple.Vulnerabilities (critical)
  • Siemens.SIMATIC.WinCC.Flexible.miniweb.DoS (medium)
  • VMware.Update.Manager.Jetty.Server.Directory.Traversal (medium)
Enhanced ( 12 )
  • Adobe.PDF.U3D.File.Memory.Corruption (high)
  • Citrix.XenCenterWeb.Input.Validation (medium)
  • CoDeSys.Scada.Webserver.Stack.Buffer.Overflow (high)
  • Cytel.Studio.CY3.File.Overflow (high)
  • eFront.Multiple.Parameters.XSS.And.SQL.Injection (medium)
  • FTP.NLST.Directory.Traversal (low)
  • HTTP.URI.XSS (medium)
  • IBM.Lotus.Notes.123File.Viewer.Remote.Buffer.Overflow (high)
  • MS.IIS.WebDAV.Authentication.Bypass (medium)
  • MS.SQL.Server.Payload.Execution (high)
  • MS.Windows.Embedded.Packager.Remote.Code.Execution (high)
  • Oracle9i.Default.Configuration.File.Information.Disclosure (medium)
Renamed ( 1 )
  • HTTP.Request.URI.Directory.Traversal (Previous name: "Bajie.HTTP.JServer.CGI.Remote.Command.Execution")
Attribute Changed ( 10 )
  • Apple.QuickTime.Uncompressed.PICT.Image.Stack.Overflow (Default_action updated to 'drop')
  • CA.ARCserve.Backup.Server.LGServer.Buffer.Overflow (Default_action updated to 'drop')
  • Computer.Associates.License.GCR.String.Buffer.Overflow (Default_action updated to 'drop')
  • MS.IE.XSLT.Memory.Corruption.Remote.Code.Execution (Default_action updated to 'drop')
  • MS.Windows.Groove.Dll.Hijacking (Default_action updated to 'drop')
  • MS.Windows.Mail.Insecure.Library.Loading (Default_action updated to 'drop')
  • MS.Windows.Shell.LNK.Code.Execution (Default_action updated to 'drop')
  • Oracle.GlassFish.Server.Malformed.Username.XSS (Default_action updated to 'drop')
  • Symantec.IM.Manager.Multiple.XSS (Default_action updated to 'drop')
  • Trend.ServerProtect.Agent.Service.Buffer.Overflow (Default_action updated to 'drop')