Fortinet 624 FortiWeb 5.0 Patch 6 Administration Guide
Figure 82:System > Config > HA-Config
The FortiWeb appliance broadcasts ARP packets to the network to ensure timely failover.
Delayed broadcast intervals can slow performance. Set the value of ARP Packet Numbers
no higher than needed.
When the FortiWeb appliance broadcasts ARP packets, it does so at regular intervals. For
performance reasons, set the value for ARP Packet Interval no greater than required.
Some experimentation may be needed to set these options at their optimum value. See
“Configuring a high availability (HA) FortiWeb cluster” on page 97.
Alerting the SNMP manager when HA switches the primary appliance
Use SNMP to generate a message if the HA heartbeat fails.
Figure 83:SNMP community’s event settings in System > Config > SNMP
Configure an SNMP community and enable the HA heartbeat failed option. For details, see
“Configuring an SNMP community” on page 581.
Reducing false positivesFocusing your energies on real attacks is vital. But often attacks differ from normal traffic in
subtle ways.
Are 20 requests per second per client a DoS attack? Is a request URL with 250 characters
abnormally long? Should form inputs allow SQL queries?