#Configuration Guide# Sangfor NGAF Anti-Dos/DDos Configuration Guidelines
  

jetjetd Lv5Posted 2022-Jun-30 22:34

Last edited by jetjetd 30 Jun 2022 23:59.

Sangfor NGAF Anti-Dos/DDos Configuration Guidelines



Product: NGAF

Configuration Steps——


Configuring Inbound Attack Protection


Step 1.  Go to Policies > Network Security >Anti-Dos/DDos

Step 2.  By default, the inbound attack protection isdisabled. To use it, we are required to enable it. Go to System > General> System. Click on “Network” tab.

Step 3.  Tick the option “Enable protection against outside DoS attacks. Click “OK” to save it.

Step 4.  Go to Policies again > Network Security> Anti-Dos/DDos. Now you are able to create the inbound attack protection.

Step 5. Enter the policy name.

Step 6.  Enter the LAN zone as the source zone. Enable the defense against ARP flooding attack option.

Step 7.  For “Scan Prevention”. Enable the IP scan and Port scan prevention. Click OK when finish.

Step 8.  Select “All” user or specific the internal user.

Step 9.  For the attack type. Make sure the protection of SYN flood, UDP flood, DNS flood, ICMP flood and ICMPv6 is enabled.


Step 10.  Next ensure the log event and deny action is enabled.

Step 11.  Click on “Advanced” option. Tick all the packet-based attack protection except “Sending IP fragment” because the IP fragment isexisting in a normal network environment.

Step 12.  Next, tick all the protection in “Bad IP Options” and “Bad TCP Options”. Click “OK” to save configuration.


Inbound Attack policy has been created successfully.



Configuring Outbound Attack Protection

Step 1.  Go to Policies > Network Security >Anti-Dos/DDos. Click and select the outbound attack protection

Step 2.  Enter the policy name. Select the WAN zone asthe source zone.

Step 3.  For scan prevention, Enable the IP scan and Port scan prevention.

Step 4.  For the attack type, make sure the protection of SYN flood, UDP flood, DNS flood, ICMP flood, and ICMPv6 flood is enabled. Click “OK” when done.

Step 5. Next, ensure the log event and deny action is enabled.

Step 6. Click on “Advanced”option. Tick all the packet-based attack protection except “Sending IP fragment” because the IP fragment is existing in a normal network environment.Click “Ok” to save the configuration.

Outbound Attack policy has been created successfully.
-END-

This topic contains more resources

You must log in to download or view the file. Not registered yet? Register

x

Like this topic? Like it or reward the author.

Creating a topic earns you 5 coins. A featured or excellent topic earns you more coins. What is Coin?

Enter your mobile phone number and company name for better service. Go

Newbie517762 Lv5Posted 2023-Jun-02 11:04
  
Thanks for your useful & fluency article.
flirene_94 Lv1Posted 2023-May-30 09:37
  
Very Straightforward and organized, and it is providing clear instructions for each configuration step
Newbie886406 Lv1Posted 2023-May-30 09:06
  
The information in this article is concise andmaking it easy for users to follow and implement the necessary configurations.
eram Lv1Posted 2023-May-30 09:00
  
This Configuration Guidelines provide a useful resource for users to effectively configure inbound and outbound attack protection in their NGAF product,
Pat Lv4Posted 2023-May-30 08:21
  
This is an easy to understand guide which helps even the not so equipped technical guy
Cecille Lv1Posted 2023-May-27 18:20
  
The detailed step by step process with corresponding screenshots makes it very useful
Flordeliza22 Lv2Posted 2023-May-27 15:06
  
The article or guide promotes continuous learning and professional growth.
MarioC Lv2Posted 2023-May-27 15:03
  
The information is presented in an engaging and conversational tone.
Cesar Lv2Posted 2023-May-27 15:01
  
The article or guide sparks curiosity and encourages further exploration of the topic.
BetBet Lv2Posted 2023-May-27 14:59
  
It's a trustworthy source of information on the subject matter.