Hi, friends.
Are the DoS policies created in fortigate necessary when having HTTPS and HTTP publishing?
I have a SIP publishing policy on the firewall but I'm not sure if I should create DoS policies or not.
To avoid blocking problems due to false positives perhaps, I am configuring a DDos profile in MONITOR mode, but I have a question, what is the difference between "logging" and "monitor"?
I attach an image of my MONITOR profile.
Could you help me with this query please.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Yes you can do that.
Why you need only Monitor and not Block ?
What is the purpose of not dropping the traffic that is malicious ? DDOS is there to help you more than just monitoring.
This is the first time I am going to create a DDOS policy rule. Therefore, I want to start monitoring and then take action.
Could you confirm if this profile is correct? It is in monitor mode
Me personally i would go with action Block and Logging enabled. Maybe in your case is good to start with Monitor and you observe what is going on.
Then you decide what to block and what thresholds to apply.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1660 | |
1073 | |
752 | |
443 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.