In this video, you will protect a Web server against external attacks using a 48 with an intrusion prevention system or I P s profile and a denial of service or D O. S policy.
This will defend your server against a variety of threats.
First, go to system config
features to ensure that intrusion protection is turned on.
Now go to security profiles,
Intrusion protection. To configure the i PS profile,
select the default pattern based signature and edit it
enable severity to see all the signatures in the database,
scroll down and set the action to block all
then enable each of the rate based signatures
and save the profile.
Go to policy and Objects Policy I p v four toe Add I p s to the firewall policy that allows traffic from the server to the Internet, Edit the policy and enable I ps under security profiles and set it to use the default profile
enabling I ps automatically enables S S L s s H inspection Set this feature to use the deep inspection profile
Next go to policy and objects policy d. O. S and create a new policy to define your D. O s protection,
set the incoming interface to your Internet facing interface and set the rest to allow all traffic
in the anomalies list. Enable status and logging,
and set the action to block for every type.
Before you can perform a test D. O s attack, you must be the legal owner of the server under attack. Make absolutely sure that you're targeting the correct server, I p, because attacking another server is illegal.
With this in mind, launch a DDOS attack on your Web server.
Then open the fourth gate interface and go to System 40 view threats
and select the five minutes of you you'll see data and logs about the DDOS attack that the 40 gait has blocked.
Thank you for watching. If you need for the details, you can visit docks dot Fortinet dot com to access our complete documentation library. Also check out our new cookbook site at cookbook dot Fortinet dot com for more tutorials like this one