EasyManua.ls Logo

Fortinet Gate 60D - Configuring Dos Policies

Fortinet Gate 60D
706 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
DoS policies Firewall Policy
FortiGate Version 4.0 Administration Guide
338 01-400-89802-20090424
http://docs.fortinet.com/Feedback
Configuring DoS policies
The DoS policy configuration allows you to specify the interface, a source address, a
destination address, and a service. All of the specified attributes must match network
traffic to trigger the policy.
You can also use the config firewall interface-policy CLI command to specify
an IPS sensor to function as part of a DoS policy. For more information, see the FortiGate
CLI Reference.
For IPv6 operation, DoS sensors are not supported. Further, you must specify IPS
sensors with the config firewall interface-policy CLI command. For more
information on FortiGate IPv6 support, see “FortiGate IPv6 support” on page 230.
Figure 201: Editing a DoS policy
Global View Select to list all firewall policies in order according to a sequence
number.
Filter icon Edit the column filters to filter or sort the policy list according to the
criteria you specify. For more information, see “Adding filters to
web-based manager lists” on page 53.
Status When selected, the DoS policy is enabled. Clear the checkbox to
disable the policy.
ID A unique identifier for each policy. Policies are numbered in the order
they are created.
Source The source address or address group to which the policy applies. For
more information, see “Firewall Address” on page 345.
Destination The destination address or address group to which the policy applies.
For more information, see “Firewall Address” on page 345.
Service The service to which the policy applies. For more information, see
“Firewall Service” on page 351.
DoS The DoS sensor selected in this policy.
Interface The interface to which this policy applies.
Delete icon Delete the policy from the list.
Edit icon Edit the policy.
Insert Policy Before icon Add a new policy above the corresponding policy (the New Policy
screen appears).
Move To icon Move the corresponding policy before or after another policy in the list.
Source Interface/Zone The interface or zone to be monitored.
Source Address Select an address or address range to limit traffic monitoring to
network traffic sent from the specified address or range. Select
Multiple to include multiple addresses or ranges.

Table of Contents