IDS mailing list archives

Re: Fortinet IDS

From: Don Draper <don () draperconsulting com>
Date: 14 Oct 2004 13:30:38 -0000

In-Reply-To: <200407270109.i6R19ZZr041277 () mx-out daemonmail net>

Does anyone know if Fortinet on-board virus scanning uses an SMTP proxy server? Or is it able to accomplish this 
transparently by simply inspecting the packets as most the IDS/IPS do.

We just purchased a new Proventia M10 from ISS and have discovered that we cannot use it for Anti-Virus (email) or 
Anti-Spam due the ffact that it uses an on-board SMTP proxy server that does not support SMTP authentication among 
other issues. The IPS module does not need the proxy and works fine.  Having on-board virus scanning at the network 
edge would be very helpful and Fortinet docs would make you think it is ALL done with packet inspection and without any 
nasty proxies in the middle. Does anyone know how this works?

TIA,
Don


--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
--------------------------------------------------------------------------

Current thread:

Re: Fortinet IDS Don Draper (Oct 15)
- Re: Fortinet IDS Mark Teicher (Oct 18)
- Re: Fortinet IDS Ian Gallagher (Oct 18)
  - Re: Fortinet IDS Jason (Oct 19)
    - Re: Fortinet IDS Ryan Whalen (Oct 21)
    - Re: Fortinet IDS Ron Gula (Oct 21)
  - Message not available
    - Re: Fortinet IDS Ian Gallagher (Oct 21)
- <Possible follow-ups>
- RE: Fortinet IDS Tom Neclerio (Oct 19)
- RE: Fortinet IDS David Puckett (Oct 21)
  - snort-inline capabilities ( WAS: Re: Fortinet IDS ) Jason (Oct 21)
- RE: Fortinet IDS Michael Allgeier (Oct 21)