Configuring VPN Remote Access for the first time on your Sophos XG Firewall? Check out this useful Community post!
Advisory: Sophos XG Firewall - Antivirus service stopped due to failed pattern update. Please visit this KBA for the latest updates
This article discuss the best practices for protecting your network from DoS and DDoS attacks. The following sections are covered:
Applies to the following Sophos products and versions Sophos Firewall
Denial of Service (DoS)
A Denial of Service (DoS) attack is an attempt to make a machine or network resource unavailable to the intended users. One common method of attack involves saturating the target machine with external communications requests so that it cannot respond to legitimate traffic or the machine responds so slowly that it is essentially useless.
DoS Attacks can be carried out in the following ways:
Distributed Denial of Service (DDoS)
A Distributed Denial of Service (DDoS) attack is the attack where multiple (legitimate or compromised) systems perform a DoS Attack on a single target or system. This distributed attack can compromise the targeted machine or force it to shutdown, which shuts down service to the legitimate users.
This article describes how you can protect your network against DoS and DDoS attacks using the Sophos XG Firewall (SF). It is divided into two sections:
You can protect your network against DoS attacks for both IPv4 and IPv6 traffic by configuring the appropriate DoS Settings on the Sophos XG Firewall. You can configure DoS Settings by following the steps below:
Once DoS settings are applied, SF checks the network traffic to ensure that it does not exceed the configured limit.
You can protect your network against DDoS attacks by using Intrusion Prevention policies in SF. Please note that the DDoS signatures are only available on the XG550, XG650 and XG750 models. To configure an IPS policy, follow the steps below.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.