Thank you for starting this channel. The videos you share tackle issues that engineers might encounter on a daily basis, and you are a source of inspiration for them.
Thank you for the video, had a query when it comes to DOS policy have you come across a scenario where it is applied to an inbound interface? , second question: Let's say I have no VIP configured or any SSL or IPsec services running on WAN interface and even have ping disabled (basically no service running on WAN port) would I still need a DOS policy?
Hi Rpinto : First let’s answer the second question : Yes you need a DoS policy even if you have no service running on the firewall or the FGT itself. But, only if you have a web service or any service inside your network that is accessible from outside, attacker can target that and can cause a dos attack. Dos policy actually depend on the placement of device. If connected to internet or internally used. 1st question answer : even it can be used on inside interface but generally people avoid to configure on inside. It can be very useful on inside interface if you find some already breached within network or if you can baseline your internal traffic as well
Thank you for starting this channel. The videos you share tackle issues that engineers might encounter on a daily basis, and you are a source of inspiration for them.
Thanks rajpandey for feedback. Will try my best to provide all possible day to day issues
Thanks for sharing day to day problems you are facing. It is helpful me. Thanks
Hi Selva ,
Thanks for feedback
Thank you as always. Explained very nicely and in simple words.
Glad you liked it!
Thank you for the video, had a query when it comes to DOS policy have you come across a scenario where it is applied to an inbound interface? , second question: Let's say I have no VIP configured or any SSL or IPsec services running on WAN interface and even have ping disabled (basically no service running on WAN port) would I still need a DOS policy?
Hi Rpinto :
First let’s answer the second question :
Yes you need a DoS policy even if you have no service running on the firewall or the FGT itself. But, only if you have a web service or any service inside your network that is accessible from outside, attacker can target that and can cause a dos attack. Dos policy actually depend on the placement of device. If connected to internet or internally used.
1st question answer : even it can be used on inside interface but generally people avoid to configure on inside.
It can be very useful on inside interface if you find some already breached within network or if you can baseline your internal traffic as well
@@rosatechnocrat thanks