Time
1 hour 35 minutes
Difficulty
Beginner

Video Description

In this video, you will protect a web server against external attacks, using a FortiGate with an Intrusion Prevention System (IPS) profile and a Denial of Service (DoS) policy. This will defend your server against a variety of attacks. Before performing any test attacks, always ensure you are targeting the correct IP. Visit Fortinet's documentation library at http://docs.fortinet.com

Video Transcription

00:00
In this video, you will protect a Web server against external attacks using a 48 with an intrusion prevention system or I P s profile and a denial of service or D O. S policy.
00:13
This will defend your server against a variety of threats.
00:25
First, go to system config
00:29
features to ensure that intrusion protection is turned on.
00:35
Apply the changes.
00:43
Now go to security profiles,
00:46
Intrusion protection. To configure the i PS profile,
00:51
select the default pattern based signature and edit it
00:57
enable severity to see all the signatures in the database,
01:02
scroll down and set the action to block all
01:04
and apply,
01:08
then enable each of the rate based signatures
01:17
and save the profile.
01:26
Go to policy and Objects Policy I p v four toe Add I p s to the firewall policy that allows traffic from the server to the Internet, Edit the policy and enable I ps under security profiles and set it to use the default profile
01:42
enabling I ps automatically enables S S L s s H inspection Set this feature to use the deep inspection profile
02:00
Next go to policy and objects policy d. O. S and create a new policy to define your D. O s protection,
02:09
set the incoming interface to your Internet facing interface and set the rest to allow all traffic
02:17
in the anomalies list. Enable status and logging,
02:23
and set the action to block for every type.
02:38
Before you can perform a test D. O s attack, you must be the legal owner of the server under attack. Make absolutely sure that you're targeting the correct server, I p, because attacking another server is illegal.
02:51
With this in mind, launch a DDOS attack on your Web server.
02:55
Then open the fourth gate interface and go to System 40 view threats
03:02
and select the five minutes of you you'll see data and logs about the DDOS attack that the 40 gait has blocked.
03:14
Thank you for watching. If you need for the details, you can visit docks dot Fortinet dot com to access our complete documentation library. Also check out our new cookbook site at cookbook dot Fortinet dot com for more tutorials like this one

Up Next