FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
duenlim
Staff
Article Id 375206
Description This article describes how to adjust the rate count value when the DNS.TXT.Records.Tunneling Application Control signature is in use. The default rate count is 100 requests in 1 second. The rate count value has to be adjusted via the CLI Console.
Scope FortiGate v7.0/v7.2/v7.4/v7.6.
Solution

Launch the CLI window in the GUI or SSH into the FortiGate:

config application list

(list) # edit DnsTunneling
new entry 'DnsTunneling' added

(DnsTunneling) # config entries

(entries) # edit 1
new entry '1' added

(1) # set application 39624 <----- The application number of the DNS.TXT.Records.Tunneling signature.

(1) # set action block

(1) # set log enable

(1) # set rate-count
rate-count Enter an integer value from <0> to <65535>.

(1) # set rate-count 80 <----- Rate count adjusted to 80 requests in 1 second.

next
end
end <----- Closes 'config application list' and saves the profile.

 

Once done, the Application Control configuration is shown in the GUI:

 

[Screenshot: RateCount.png]
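To confirm the change from a configuration backup rather than the GUI, the following offline check lists every Application Control entry that references signature 39624 together with its explicitly set values. It is an added example, not part of the original article or any Fortinet tooling; it assumes the backup uses the nested config/edit/set/next/end layout of FortiOS `show` output, and the sample text and the profile name `no-rate-set` are constructed.

```python
import shlex
SIG_ID = "39624"  # DNS.TXT.Records.Tunneling, per the article

# Constructed sample laid out like FortiOS "show" output (not from a real device).
SAMPLE = '''
config application list
    edit "DnsTunneling"
        config entries
            edit 1
                set application 39624
                set action block
                set log enable
                set rate-count 80
            next
        end
    next
    edit "no-rate-set"
        config entries
            edit 1
                set application 39624
                set action block
            next
        end
    next
end
'''

def audit(config_text, sig_id=SIG_ID):
    """Map (profile, entry id) -> explicitly set values for entries listing sig_id."""
    path, found, cur = [], {}, None
    for raw in config_text.splitlines():
        cmd, *args = shlex.split(raw) or [""]
        in_entry = cur is not None and len(path) == 4
        if cmd == "config":
            path.append(" ".join(args))
        elif cmd == "edit":
            path.append(args[0])
            if len(path) == 4 and path[0] == "application list" and path[2] == "entries":
                cur = {}
        elif cmd == "set" and in_entry:
            cur[args[0]] = args[1:]
        elif cmd in ("next", "end") and path:
            if cmd == "next" and in_entry:
                if sig_id in cur.get("application", []):
                    found[(path[1], path[3])] = {k: " ".join(v) for k, v in cur.items()}
                cur = None
            path.pop()
    return found
if __name__ == "__main__":
    print(audit(SAMPLE))  # a missing "rate-count" key means it was never set explicitly
```

An entry without a `rate-count` key, such as the constructed `no-rate-set` profile, has no explicit value configured.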
