-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
Blocking brute force (dictionary) attacks with Web Application Firewall.
03/26/2020 
21 People found this article helpful
484,392 Views
Description
This article only applies to brute force dictionary attacks to non existing accounts (not already in SRA database) to non application offloaded portals. The sole intention of this sort of attack is to determine valid user account names and passwords.
Note: To block brute force attacks to existing user accounts please configure "Enable Administrator/user lockout" under System -> administration.
Resolution
At present there is no way to block brute force attacks to the SRA portals, the attacks can only be blocked to Application Offloaded portals. That will change starting with firmware 8.1.0.2-12sv (hotfix 167949).
That firmware version will incorporate an option within the Web Application Firewall called "Disable SRA exclusions" which will eliminate that limitation.
Below is a picture of a sample configuration that blocks a dictionary brute force attack to a virtual office portal.
As per the example above any brute force attack with a purpose to find out valid user account names will be blocked after 10 tries and will be locked out for 60 seconds, these fields can be altered as per requirements.
Related Articles
- Commands for silent installation of NetExtender via CMD line
- Users on Netextender 10.3.0 version failing to connect with the following error message " Cannot get a response from the server "
- How to create a wildcard certificate to be used on the appliance
YES
NO