Created on 09-25-2024 10:41 PM Edited on 12-27-2024 12:09 AM By Rajashekar
Description | This article describes what to consider on the FortiDDoS. |
Scope | FortiDDoS-F. |
Solution |
Step 1: Select a FortiDDoS whose interfaces (config Interface) can match the:
Validate Datasheets: More information link: Deployment topology.
Step 2: Set an SPP to protect the services provided. Example:
...
Note: To associate the custom security profiles with each custom SPP (**): go to Service Protection -> Edit SPP-Name, then add the custom profiles (IP, ICMP, TCP, HTTP, SSL/TLS, NTP, DNS, DTLS).
Step 3: In a maintenance window, place FortiDDoS on the network for the first time with the SPPs in Detection/learning mode so that it learns traffic (the system defaults to Inline).
Step 4: Allow it to learn traffic based on topology:
Step 5: After the learning period is complete, make the required adjustments to the FDD(**) and threshold(**) configuration and wait 3 days.
Step 6: After 3 days, make any pending adjustments and validate the log reports to avoid false positives(**).
Step 7: After 3 days, in a maintenance window and having validated that legitimate traffic is not blocked, move from Detection to Prevention mode.
Step 8: Monitor logs and network services for a few days.
Important Note: After FDD is in the production environment:
* If a manual entry into bypass is done and the system is then returned to inline mode, there will be about 5 seconds of traffic disruption when changing from bypass to inline. Be aware there is about 5-6s of traffic outage when doing that. When the bypass is removed, the system does not have TCP state information, and if the SPPs are in Prevention with Foreign Packet Validation enabled (it should be), all TCP connections will be dropped.
* During an FDD reboot, there will be about 5 seconds of traffic disruption.
(**) If help with the implementation is required, professional services can be consulted. |