Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
vprabhu_FTNT
Staff
Staff

Created on ‎06-28-2020 12:28 AM Edited on ‎01-30-2024 03:07 AM By Community Manager

Article Id 198645

Technical Tip: Denial of Service (DoS) anomalies explained

Description
This article describes the predefined anomalies used in DoS policies.

Solution

A Denial of Service (DoS) policy examines network traffic arriving at a FortiGate interface for anomalous patterns, which usually indicates an attack.

 

A denial of service occurs when an attacking system starts an abnormally large number of sessions with a target system. The large number of sessions slows down or disables the target system, preventing legitimate users from using it.

 

DoS policies are checked before security policies, preventing attacks from triggering more resource intensive security protection and slowing down the FortiGate.

 

Predefined sensors are setup for specific anomalous traffic patterns. New DoS anomalies cannot be added by the user. The predefined anomalies that can be used in DoS policies are:

 

 

 

Related Articles

Technical Tip: How to configure IPv4 DOS policy

Technical Note: How to tune DDoS policies

3215
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.