Service Protection Policy Feature Settings
Settings |
Guidelines |
---|---|
Name |
Name of SPP rule. This field accepts alphanumeric characters
and doesn’t allow special characters. It should match regular expression
|
Status |
Default and recommended Enabled. This feature control allows the user to disable the SPP Rule. If this SPP has configured Protection Subnets, this action will result in traffic to those subnets being monitored by any other SPP with next longest prefix match or by the default SPP. Note: You will receive a warning when disabling SPP status.
|
Inbound Operation Mode |
Set the mode for traffic received from WAN-side interfaces:
|
Outbound Operation Mode |
Set the mode for traffic received from LAN-side interfaces:
|
Adaptive Mode |
Several important “Scalar” Thresholds use machine learning to adapt the System Recommended Thresholds to recent traffic trends. This feature determines if the feature is used.
|
Adaptive Limit |
A percentage of the configured minimum threshold that establishes the upper limit of the estimated threshold. The adaptive limit is an upper rate limit beyond which the system blocks all traffic. The valid range is 100% to 300%. For example, the default is 150%. The system uses the dynamic threshold estimation algorithm to raise the calculated threshold up to 150% of the value of the configured minimum threshold. Thus, if the inbound threshold for Protocol 17 (UDP) is 10,000, the threshold never falls below 10,000 and never exceeds 15,000. When the adaptive limit is 100, the system does not use dynamic threshold estimation to adjust thresholds. |
Source MAC Address Aggressive Aging |
MAC address used to send TCP resets to the protected server when aggressive aging is triggered. Please note, any packets generate by FortiDDoS will use MAC address specified here. By default, the system uses the MAC address of the management interface
(mgmt1), but the MAC address displayed in the web UI is If you change this setting, the system uses the MAC address you specify. |
Cloud Signaling Status |
This setting allows to enable/disable Cloud signaling feature for this specific SPP Rule. |
To configure using the CLI: config ddos spp rule edit <spp_name> set status { enable | disable } set inbound-operating-mode { detection | prevention } set outbound-operating-mode { detection | prevention } set adaptive-mode { fixed | adaptive } set adaptive-limit <integer> set source-mac-address-aggressive-aging <string> set cloud-signaling-status { enable | disable } next end |