Firewall Policy Using DoS policies to detect and prevent attacks
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903 405
http://docs.fortinet.com/ • Feedback
If virtual domains are enabled on the FortiGate unit, DoS policies are configured
separately for each virtual domain; you must access the VDOM before you can configure
its policies. To access a VDOM, go to System > VDOM, and in the row corresponding to
the VDOM whose policies you want to configure, select Enter.
You can add, delete, edit, and re-order policies in the DoS policy list. DoS policy order
affects policy matching. As with firewall policies, DoS policies are checked against traffic in
the order in which they appear in the DoS policy list, one at a time, from top to bottom.
When a matching policy is discovered, it is used and further checking for DoS policy
matches are stopped.
To view the DoS policy list, go to Firewall > Policy > DoS Policy.
Figure 216: The DoS policy list
Create New Add a new DoS policy. Select the down arrow beside Create New to
add a new section to the list to visually group the policies.
Column Settings Customize the table view. You can select the columns to hide or
display and specify the column displaying order in the table. See
“Using column settings to control the columns displayed” on page 103.
Section View Select to display firewall policies organized by interface.
Global View Select to list all firewall policies in order according to a sequence
number.
Filter icon Edit the column filters to filter or sort the policy list according to the
criteria you specify. For more information, see “Adding filters to
web-based manager lists” on page 99.
Status When selected, the DoS policy is enabled. Clear the checkbox to
disable the policy. See “Enabling and disabling policies” on page 389.
ID A unique identifier for each policy. Policies are numbered in the order
they are created.
Source The source address or address group to which the policy applies. For
more information, see “Firewall Address” on page 421.
Destination The destination address or address group to which the policy applies.
For more information, see “Firewall Address” on page 421.
Service The service to which the policy applies. For more information, see
“Firewall Service” on page 427.
DoS The DoS sensor selected in this policy.
Interface The interface to which this policy applies.
Delete icon Delete the policy from the list.
Edit icon Edit the policy.
Delete
Edit
Move To
Insert Policy before
Filter
Enable or Disable a Policy
To Next Page
Loading...
Need help?
General
