#Configuration Guide# Sangfor NGAF Anti-Dos/DDos Configuration Guidelines
  

jetjetd Lv4Posted 30 Jun 2022 22:34

Last edited by jetjetd 30 Jun 2022 23:59.

Sangfor NGAF Anti-Dos/DDos Configuration Guidelines



Product: NGAF

Configuration Steps——


Configuring Inbound Attack Protection


Step 1.  Go to Policies > Network Security >Anti-Dos/DDos
7828962bdb36e96692.png

Step 2.  By default, the inbound attack protection isdisabled. To use it, we are required to enable it. Go to System > General> System. Click on “Network” tab.
4159462bdb3765fdf5.png

Step 3.  Tick the option “Enable protection against outside DoS attacks. Click “OK” to save it.
5483162bdb37cf20ed.png

Step 4.  Go to Policies again > Network Security> Anti-Dos/DDos. Now you are able to create the inbound attack protection.
6333362bdb383f423f.png

Step 5. Enter the policy name.
2729362bdb38ad39ff.png

Step 6.  Enter the LAN zone as the source zone. Enable the defense against ARP flooding attack option.
1525062bdb3953a155.png

Step 7.  For “Scan Prevention”. Enable the IP scan and Port scan prevention. Click OK when finish.
2944362bdb39a7d5f5.png

Step 8.  Select “All” user or specific the internal user.
4883762bdb3a1280f3.png

Step 9.  For the attack type. Make sure the protection of SYN flood, UDP flood, DNS flood, ICMP flood and ICMPv6 is enabled.
6460962bdb3a60ae27.png

7931962bdb3ad3a91a.png

Step 10.  Next ensure the log event and deny action is enabled.
6722062bdb3b31d6f9.png

Step 11.  Click on “Advanced” option. Tick all the packet-based attack protection except “Sending IP fragment” because the IP fragment isexisting in a normal network environment.
8651562bdb3b8bfe70.png

Step 12.  Next, tick all the protection in “Bad IP Options” and “Bad TCP Options”. Click “OK” to save configuration.
5637262bdb3beb83b9.png

8738062bdb3c3cf68f.png

Inbound Attack policy has been created successfully.
3396262bdb3cc23fc8.png



Configuring Outbound Attack Protection

Step 1.  Go to Policies > Network Security >Anti-Dos/DDos. Click and select the outbound attack protection
3632262bdb3d37b47d.png

Step 2.  Enter the policy name. Select the WAN zone asthe source zone.
689562bdb3d9b7c2a.png

Step 3.  For scan prevention, Enable the IP scan and Port scan prevention.
5129662bdb3deb7ca5.png

Step 4.  For the attack type, make sure the protection of SYN flood, UDP flood, DNS flood, ICMP flood, and ICMPv6 flood is enabled. Click “OK” when done.
9687362bdb3e6c916c.png

Step 5. Next, ensure the log event and deny action is enabled.
4890262bdb3f1c1168.png

Step 6. Click on “Advanced”option. Tick all the packet-based attack protection except “Sending IP fragment” because the IP fragment is existing in a normal network environment.Click “Ok” to save the configuration.
7916562bdb3f8cdebf.png

Outbound Attack policy has been created successfully.
7138062bdb3fe5acb9.png
-END-

Like this topic? Like it or reward the author.

Creating a topic earns you 5 coins. A featured or excellent topic earns you more coins. What is Coin?

Enter your mobile phone number and company name for better service. Go

jetjetd Lv4Posted 03 Jul 2022 01:01
  
I hope everyone will find my guide useful.
RegiBoy Lv3Posted 20 Jul 2022 16:27
  
Thank you for sharing this english version. It is informative and useful
Imran Tahir Lv3Posted 20 Jul 2022 19:30
  

Thank you for sharing this english version