Dear Experts,
we need you expert opinion regarding DDoS attack Mitigation.
We are running Fortigate 500E HA cluster (6.0.x) in our production environment. we want to protect our web-servers again DDoS attacks. What measures/steps should we take on our Production Fortigates to be able to protect our webservers in DMZ.
I know there are some dedicated products available from Fortinet for DDoS, but we are in a money saving mode nowadays that's why we are looking for the best practices available on the Fortigate.
Thank you for your response and time.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Applying DDOS policy is simple configuration and the same has been explained in below URLs.
The important point with regards to DDOS is understanding what is the legitimate connection/session/packet rate so that the abnormal sessions/packets/connections can be blocked with DOS policies.
You may start by applying the default threshold values and action as monitor . Check if the normal traffic triggers any DDOS attack, if so you need to increase the threshold and monitor otherwise decrease the threshold and monitor. You may have to repeat this multiple time to find the optimal thresholds and then set the action drop/block.
For example, your webservers may get 1000 connections per second, so if you set a threshold of 900, it will block the 100 legitimate connections.We need to avoid such situations.
Configuration/best practices.
https://docs.fortinet.com/document/fortigate/6.2.15/cookbook/771644/dos-protection
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configure-Denial-of-Service-DoS-protection...
https://www.fortinet.com/resources/cyberglossary/ddos-protection
Hi
FortiGate can only protect against DoS, not DDoS.
As per my knowledge DDoS needs to be supported at ISP level, and eventually FortiDDoS.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1712 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.