{{ getBottomFeedbackTxt(displayPage) }}
{{ $t('bottomFeedback.selectTags') }}
{{ item.name }}
{{ $t('bottomFeedback.moreAdvice') }}
{{ $t('bottomFeedback.email') }}
{{ $t('bottomFeedback.agreeRecall') }}
{{ $t('bottomFeedback.submitAdvice') }}
{{ tipmsg }}
{{ getBottomFeedbackTxt(page) }}
{{ $t('rightFeedback.close') }}
{{ $t('rightFeedback.submitSuccess') }}
{{ getTitle() }} {{ $t('rightFeedback.feedback') }}
{{ $t('rightFeedback.warningTip') }}
{{ $t('rightFeedback.onlineServiceLink') }}
.
{{ getBottomFeedbackTxt(page) }}
{{ $t('bottomFeedback.selectTags') }}
{{ item.name }}
{{ $t('bottomFeedback.moreAdvice') }}
{{ $t('bottomFeedback.email') }}
{{ $t('bottomFeedback.agreeRecall') }}
{{ $t('bottomFeedback.submitAdvice') }}
{{ getTitle() }} {{ $t('rightFeedback.feedback')}}
{{ getTitle() }} {{ $t('rightFeedback.feedback')}}
{{ $t('rightFeedback.warningTip')}}
{{ $t('rightFeedback.onlineService')}}
.
{{ getBottomFeedbackTxt(page) }}
{{ $t('bottomFeedback.selectTags') }}
{{ item.name }}
{{ $t('bottomFeedback.moreAdvice') }}
{{ $t('bottomFeedback.markedContent')}}
{{ dialog_sign_txt }}
{{ $t('bottomFeedback.email') }}
{{ $t('bottomFeedback.agreeRecall') }}
{{ $t('bottomFeedback.submitAdvice') }}
{{ menuItem.name }}
{{ menuItem.name }}
{{subMenu.name}}
{{ menuItem.name }}
{{ secondMenu.name }}
{{thirdMenu.name}}
# {{ $t('index.trendingSearches') }} #
{{ $t('index.search.noSearchRecords')}}
{{ item }}
# {{ $t('index.search.searchHistory') }} #
{{ $t('index.search.deleteAll')}}
{{ $t('index.search.complete')}}
{{ $t('index.search.noSearchRecords')}}
{{ item }}
{{getProductJoinVersion(item.product,item.version)}}
{{ $t('index.search.viewMore')}}
{{language}}
{{ item.value}}
{{ $t('sangforUser.login') }}
{{ $t('sangforUser.mySangfor') }}
{{user.username}}
{{ $t('sangforUser.uid') }}{{user.uid}}
{{ $t('sangforUser.accountInfo') }}
{{ $t('sangforUser.identityTip') }}
{{ $t('sangforUser.goToAuth') }}
{{ $t('sangforUser.myFollowedProducts') }}
{{ $t('sangforUser.myCollection') }}
{{ $t('sangforUser.unreadMessages') }}
{{unreadMsg}}
{{ $t('sangforUser.logout') }}
搜索
{{getProductJoinVersion(item.product,item.version)}}
查看更多
{{item.name}}
{{subitem.name}}
{{msg}}
{{ $t('index.prodDialog.interestsProductLine') }}
{{item.name}}
{{ $t('index.prodDialog.notFollowProductLine') }},
{{ $t('index.prodDialog.clickToFocus') }}
{{ $t('index.prodDialog.allProductsAndServices') }}
{{ $t('index.prodDialog.notFoundWith') }}“
{{searchName}}
”{{ $t('index.prodDialog.productLinesReEnter') }}
{{item.name}}
{{subitem.name}}
{{ $t('index.prodDialog.noData') }}
{{ $t('index.qiyuProductLineDialog.hotProductLine') }}
{{item.name}}
{{ $t('index.qiyuProductLineDialog.noContent') }}
{{ $t('index.qiyuProductLineDialog.securityProducts') }}
{{item.name}}
{{item.name}}
{{subitem.name}}
{{ $t('snGuideDialog.question1') }}
{{ $t('snGuideDialog.question2') }}
{{ $t('versionGuideDialog.contactCustomerService') }}
{{ $t('versionGuideDialog.intelligentCustomerService') }}
{{ $t('versionGuideDialog.getVersionInfo') }}
{{ $t('addFollow.popover') }}
{{ $t('addFollow.setEmail') }}
{{ $t('addFollow.tipDailyLimit') }}
{{ $t('bindEmailModal.cannotSeeChange')}}
{{ $t('addFollow.getCode') }}
{{ timerSecond }}{{ $t('addFollow.secondsLater') }}
{{ $t('saveSetForm.problemTip1') }}
{{ $t('saveSetForm.problemTip2') }}
{{ $t('addFollow.successTip') }}
{{ $t('addFollow.confirm') }}
{{ $t('addFollow.cancel') }}
{{ $t('caseDetail.pageCatalog') }}
{{ $t('helpTip.prefix') }}
{{ $t('helpTip.onlineService') }}
{{ $t('helpTip.suffix') }}.
{{ $t('downloadWarnModal.contentOnlyFor') }} {{powertip}}
{{ $t('downloadWarnModal.pleaseAuthFirst') }}
{{ $t('downloadWarnModal.authAsCustomer') }}
{{ $t('downloadWarnModal.authAsPartner') }}
{{ $t('downloadWarnModal.authAsEmployee') }}
{{ $t('downloadWarnModal.goToAuth') }}
{{ $t('downloadWarnModal.onlineService') }}
{{authTips}}
{{authTips}}
{{ $t('downloadWarnModal.clickToLearnAuth') }}
{{ showPowerText +' '+ $t('toolList.permission') + getPowerName }}
{{ $t('common.buttons.selectAll') }}
{{ node.label }}
{{ $t('common.buttons.cancel') }}
{{ $t('common.buttons.confirm') }}
{{ $t('toolList.download') }}
{{ $t('toolList.downloadPdf') }}
{{ $t('toolList.download') }}
{{ $t('toolList.shareContent') }}
{{ $t('toolList.copyLinkSuccess') }}
{{ $t('toolList.copyLink') }}
{{ $t('toolList.share') }}
{{isCurCollection ? $t('toolList.cancelCollect') : $t('toolList.collectContent')}}
{{isCurCollection ? $t('toolList.cancelCollect') : $t('toolList.collect')}}
{{ $t('index.defaultHeader.chromeBrowserTip') }}
{{ $t('index.defaultHeader.logo') }}
Athena NGFW (Next-Generation Firewall)
Athena NGFW (previously known as Network Secure) provides comprehensive protection for every network perimeter, ensuring the safety of your valuable assets, data, and users from emerging threats.
{{ $t('productSubHeader.tabs.document') }}
{{ $t('productSubHeader.tabs.bestPractice') }}
{{ $t('productSubHeader.tabs.case') }}
{{ $t('productSubHeader.tabs.software') }}
{{ $t('productSubHeader.tabs.bbs') }}
{{ $t('productSubHeader.searchLabel') }}
{{ $t('productDocDetail.guideClickSwitch') }}
{{ $t('productDocDetail.know') }}
{{ $t('productDocDetail.dontRemind') }}
8.0.95
{{item.code}}
Release Notes
Network Secure V8.0.95 Version Release Notes
Overview
Enhancements
Connection Control
Application Control/NAT Policy Filters
Console Pages Response Time Optimized
New Features
DDNS Policies
Bandwidth Management for VPN Tunnels
Unauthorized Outbound Access Detection
Spoofed Access Detection
Private Network Access Control
Configuration Recommendations
New Models
Upgrade Impacts
Impacts on Services
Impacts on O&M
Upgrade Guide
Preparations for Upgrade
Upgrade Methods
Environment Information
Customer Resource Coordination
Pre-Upgrade Check
Upgrade Limitations
Environment Check Using Pre-Upgrade Check Package
Procedure
Upgrade Procedures
Upgrade Paths
Upgrade Procedure
Post-Upgrade Check
Network Connectivity Check
System Health Check
Service Status Check
Upgrade Methods
Upgrading Network Secure from the GUI
Upgrade Processes
Upgrade Procedures
Upgrading Network Secure via Central Manager
Upgrade Processes
Upgrade Procedures
Troubleshooting Upgrade Failures
Rollback Instructions
Network Secure V8.0.95 SP03 Release Notes
SP Information
Upgrade Impacts
Impacts on Services
Impacts on O&M
Impacts on Customer Network
Other Impacts
Customer Upgrade Preparations
Upgrade Preparations
Notes
Implementation Procedure
Post-Upgrade Service Check
Rollback Instructions
Upgrade Guide
Preparations for Upgrade
Upgrade Tools
Environment Information
Customer Resource Coordination
Pre-Upgrade Check
Notes
Smooth Upgrade of Configurations, Logs, and Data
Upgrade Recommendations
Central Manager
Upgrade Procedure
Upgrade Path
Upgrade Procedure
Platform Check
Service Status Check
Troubleshooting Upgrade Failures
Rollback Instructions
Network Secure V8.0.95 SP01 Release Notes
Service Package(SP) Information
Upgrade Impacts
Impacts on Services
Impacts on O&M
Impacts on Customer Network
Other Impacts
Customer Upgrade Preparations
Upgrade Preparations
Notes
Implementation Procedure
Post-Upgrade Service Check
Rollback Instructions
Upgrade Guide
Preparations for Upgrade
Upgrade Tools
Environment Information
Customer Resource Coordination
Pre-Upgrade Check
Notes
Upgrade Conditions
Smooth Upgrade of Configurations, Logs, and Data
Upgrade Recommendations
Central Manager
Upgrade Procedure
Upgrade Path
Upgrade Procedure
Platform Check
Service Status Check
Troubleshooting Upgrade Failures
Rollback Instructions
Non-High Availability mode
Device Deployed in High Availability mode
Product Overview
Introduction
Key Features
Deployment
Installation Preparations
Environment Requirements
Product Appearance
Configuration and Management
Cable Connection for a Single Device
Cable Connection for Active Standby Mode
Login to Web Admin Console
CLI Login
Deployment Mode
Routing Mode (Layer 3)
Transparent Mode (Layer 2)
Virtual Wire Mode
Mirror Mode
Mix Mode
Deploying vNGFW on HCI and VMware
Necessary Deployment Conditions
Deploy vNGFW in VMware
Import the Image
Configure the vNGFW
Notes
Deploy vNGFW in HCI
Preparation
Import Image
Create Instances
Other
About the validity period of authorization
Replacing Fortigate with NGFW
Overview and Migration Process Overview
Overview
List of Key Feature Compatibility Features and Migration Order
Pre-Migration Preparation (Critical)
Device and Version Information
Network and Service Review
FortiGate Configuration Export and Backup
FortiGate Configuration Export Methods (CLI / Web Interface)
Sangfor Firewall Initialization and Configuration Backup
Key Functional Differences Between Fortigate and Sangfor NGFW
VODM
Fortigate VDOM
Virtual System of NGFW
NAT
Fortigate's Central NAT and Regular NAT
NGFW’s NAT
IPSEC
IPSEC
How to Migrate from FortiGate to Sangfor NGFW
SD-WAN and Policy-Based Routing
FortiGate SD-WAN and Policy-Based Routing
NGFW SDWAN and Policy Based Routing
Firewall Policy
Firewall Policy of Fortigate
Policy of NGFW
Automated Configuration Conversion Based on Tools – For ACL, NAT, Address Objects, and Service Objects
Tool Introduction
How to Use the Tool
Enable API Function in NGFW
Write configuration to firewall
Check the Import Result
Conversion Logs and Results
Conversion Result Verification Method
Manual Migration Configuration
Modify the Interface Configuration
Bind the Interface and Zone
Migrate Software Switch Interface
Policy Template Migration
WAF
IPS
URL Filter
Antivirus
Security Protection Policy Migration
Fortigate Configuration Example
Fortigate Parameter Explanation and Conversion Suggestions
Migrate to Sangfor NGFW
SSL Decryption
Fortigate Configuration Example
Fortigate Parameter Explanation and Conversion Suggestions
Migrate to Sangfor NGFW
Logs and Alert
Fortigate Configuration Example
Fortigate Parameter Explanation and Conversion Suggestions
Migrate to Sangfor NGFW
AD / LDAP
Fortigate Configuration Example
Fortigate Parameter Explanation and Conversion Suggestions
Migrate to Sangfor NGFW
HA
Fortigate Configuration Example
Fortigate Parameter Explanation and Conversion Suggestions
Migrate to Sangfor NGFW
Fortigate IPSec Migration
Fortigate Configuration Example
Fortigate Parameter Explanation and Conversion Suggestions
Migrate to Sangfor NGFW
SD-WAN Migration
PBR
SD-WAN
Testing and Validation
Functional Validation Checklist
Verification Methods and Common Troubleshooting
Cutover and Rollback Plan
Cutover Objectives and Principles
Cutover Timing and Window Selection
Pre-Cutover Checklist
Configuration Preparation
Environment Preparation
Cutover Procedure
Phase 1: Preparation
Phase 2: Network Cutover Implementation
Business Verification
Rollback Plan
Principles
Rollback Steps
Fast Rollback Tips
Post-Cutover Optimization and Best Practices
Policy Optimization
Merge Duplicate Policies
Delete Unused Objects
Object Hierarchical Management
Log and Reporting Configuration
Integrate with log center
Enable Alert Notifications
Security Policy Audit Recommendations
Appendices and Support Information
User Manual
Home
Security Operation Center (SOC)
Hardware & System Operations
Quick Links
Specialized Protection
Ransomware Protection
Business Asset Security
User Security
Device Status
Network Operations
SOC
Security Operations
Assess Risk
Protect
Monitor/Analysis
Pending Issues
Configuration Case
IoT Security
Assets
Asset Discovery
Endpoint Traffic Identification
Active Endpoint Scan
Configuration Procedures
Private Network Access
IoT Solution
Business Asset Security
Summary of Business Asset Risks
Configuration Case
Summary of Attack Events
Attack Types
Attack Map
Hot Events
Business Assets
Passive Vulnerability Scan
User Security
Summary of User Risks
Attack Events
Top 3 Attack Types
Top 10 Hot Events
Affected Users
Specialized Protection
Asset Management
Ransomware Protection
IP Reputation
Account Protection
Endpoint App Control
Configuration Steps to Block Proxy Tool
Configuration Steps to Custom Application Reported from Endpoint
Blacklist and Whitelist
Blacklist
Global Blacklist
Temporary Blacklist
Whitelist
Next-Gen Security
Security Integration
Cloud-Based Protection
Cloud-Based Protection Options
Neural-X Unknown Threat Update
Endpoint Protection
Endpoint Protection Options
Endpoints
Operation Logs
Security Capabilities
Monitor
Logs
Security Logs
Security Logs
Unauthorized Outbound Access Logs
Spoofed Access Logs
Access Logs
Session Logs
User Login/Logout Logs
SSL VPN Logs
System Logs
Admin Operation Logs
System Security Logs
Local ACL Logs
TOP N
Configuration Procedures
Sessions
Session List
Traffic Ranking
Top Users by Traffic
Top Applications by Traffic
Top IP Addresses by Traffic
Traffic by IP Address
Suspicious Traffic
Session Ranking
Session Ranking
Session Details
Session History
Bandwidth Management
Statistics
Application
Application Statistics Query Case
Traffic
Case of Viewing Traffic Statistics
Report
Security Report
Report Subscription
Diagnosis
Packet Tracing
Settings
Logging Options
Enable Logging
Log Servers
Local Logs
Cyber Command Settings
Top N Options
Alert Notification Settings
Event Settings
Notification Settings
Email Alert Setting Case
Log Database
Policies
Network Address Translation
IPv4 NAT
Source NAT
Destination NAT
Bidirectional NAT
IPv6 NAT
Source NAT
Destination NAT
NAT64
IPv4 to IPv6 NAT
IPv6 to IPv4 NAT
DNS-Mapping
Configuration Example
Access Control
Application Control
Policy Configuration
Policy Optimization
Policy Change Tracking
GeoLocation Blocking
Configuration Steps
Local ACL
Configuration Steps
Connection Control
Configuration Example
Network Security
Security Protection Policy
Policy for Server Scenario
Policy for Internet Access Scenario
Advanced Settings
Anti DoS/DDoS
Inbound Attack Protection Policy
Configuration Case
Outbound Attack Protection Policy
Local DoS Protection
Tools
View the Attacker IP Address
Unauthorized Outbound Access
Add NIC Detection Policy
Configuration Case
Spoofed Access
Configuration Case
Decryption
Decrypt Data to Internal Server
Configuration Steps
Decrypt Data to Internet
Excluded Addresses
Bandwidth Management
Channel Configuration
Guaranteed Channel
Limited Channel
Exclusion Rules
VPN Bandwidth Channels
Sangfor VPN Bandwidth Policy Case Study
Link Settings
Links
Link Policy
Authentication
User Authentication Status
Local Users
Group/User
User Import
LDAP User Sync
LDAP User Sync Case
User Authentication
Authentication Policy
Authentication Options
External Authentication Server
Custom Webpage
Objects
Network Objects
Link State Detection
Services
Security Policy Template
Intrusion Prevention
Web App Firewall
Application Hiding
Password Protection
Privilege Control
HTTP Request Anomaly
Scanner Blocker
Advanced Protection
Cloud-Delivered Protection
Botnet
Content Security
Threat Signature Database
Security Database
WAF Signature Database
IPS Signature Database
Malware Signature Database
Passive Vulnerability Scan Database
Custom Database
Custom WAF Signature Database
Custom IPS Signature Database
Custom Malware Signature Database
Content Identification Database
Application Signatures Database
Application Signatures
Advanced App Signatures
Endpoint App Signatures
Custom App Signatures
URL Category Database
Add URL Category
URL Category Lookup
File Types
Email Attachment Filter
SLB Server Pools
IP Location Database
ISP IP Address Range
IP Location
IP Location Correction
Location Query
Update IP Address Database
Schedule
One-Time Schedule
Recurring Schedule
Network
Interfaces
Physical Interfaces
Edit Physical Interface
Subinterfaces
VLAN Interfaces
Virtual Interfaces
Aggregate Interfaces
Local Loopback Interfaces
GRE Tunnel
Link State Propagation
Zones
Routes
Static Routes
Policy-Based Routes
Source-Based Route
Link Load-Balancing
Multicast Routes
OSPF
OSPF
OSPF Links
OSPF Routes
OSPF Adjacency
OSPF Interfaces
RIP
Network Segments
Interfaces
Neighbors
Route Redistribution
BGP
Network Segment
Neighbor
Route Distribution
Aggregate Address
Administrative Distance
All Routes
Route Testing
Access Lists
Route Maps
Virtual Wires
DNS
DNS Configuration
DNS Transparent Proxy
DHCP
DHCP Servers
Configuration Case
DHCP Relay
DHCP Status
ARP
ARP Table
ARP Proxy
ARP Spoofing Protection
Advanced Networking
TCP MSS
Optical Bypass Module
Second-Passthrough Traffic
Configuration Case
SSL VPN
Online Users
Deployment
Local Users
Adding Group
Adding User
Searching for Users
Managing Hardware IDs
Importing User to Device
More Options
Viewing Associated Resources of Use
Resources
Resource Group
TCP Application
L3VPN
More
Roles
Adding Role
Generate Privilege Report
Login Options
Virtual IP Pool
Logging In
Authentication
Primary Authentication Method
Secondary Authentication Method
Other Options
Certificate
Resource Options
Local DNS
Sangfor/IPSec VPN
VPN Status
VPN Wizard
Sangfor VPN
IPSec VPN
SD-WAN Configuration
SD-WAN Path Selection Templates
SOFAST Optimization
App Categories
Sangfor VPN Configuration
Basic Settings
VPN Users
VPN Connection
Advanced
IPSec VPN Configuration
General Settings
VPN Paths
CSR
Certificates
Intranet Services
Logs
System
General Settings
Web UI
Network
Network Parameters
Management Interface
VLAN 0 IP
H.323 Port
SIP Port
Gratuitous ARP
Route Priority Settings
Home, Business Asset, and User Security Page Display Settings
Advanced Settings
Email
Configuration Steps
System Time
NTP Key
Hosts
Licensing
License Activation Method
OOBM
Privacy Options
Security Capability Update
Troubleshooting
Troubleshooting
Precise Traffic Analysis
Detection
Passthrough
Analysis of Traffic to Network Secure
Tools
Packet Capture
Technical Support
Packet Replay
Logs
Web Console
SNMP
Administrator
Maintenance
Backup/Restore
Upgrade
Past Updates
Restart
Service Packs
High Availability
Overview
HA Policy Settings
Sync Options
HA Traffic
Link Aggregation
HA Modes
Overview
Active/Standby Deployment Case
Active/Active Layer 2 Deployment Case
Virtual Systems
Overview
System Types
Administrator Types
Resource Assignment
Traffic Distribution
Virtual Interfaces
System Management
Resource Pools
Device Management
Central Management
Network Secure Settings
Central Management Settings
QAssistant
Integration Bus
O&M Management
Routine Inspection
Check the Hardware of the Device
Check the Interface Indicator Light
Check the Running Condition of the Device
Check the Abnormal Status of the Device
Check the Configuration Information of the Device
Device Configuration Backup
Check the Version of the Rule Database
Check the Security of the Device
Check the Security of the Console Account
Check the Remote Maintenance Status of the Console
Check the Log Information of the Device
Shortcut Functions
Menu Search
Vulnerability CVE Search
Page Shift
Restoration of the Device Configuration and Password
Restore the Password by Rebooting with a USB Flash Drive
Applicable Scenarios
Operation Procedure
Restore the Factory Settings
Applicable Scenarios
Operation Procedure
Patch Update Guidance
Methods to Obtain Sangfor Patch
Check Links
Scenarios and Configuration
Device Able to Access Internet and Automatic Patch Update Enabled
Device Able to Access Internet and Automatic Patch Update Not Enabled
Device Using Proxy Server to Obtain Patch Update
Both Device and PC Unable to Access Internet
Precautions
Use of Auxiliary Tools
Troubleshooting
Web Command Console
Packet Capture Tool
Troubleshooting
Unable to Log in to the Network Secure Console
Abnormal Access to the Business System
Device I/O Exception
Failing to Update the Rule Database
Emergency Event Handling
Exception or Network Disconnection of Major Business System
Device Hardware Failure
The ALARM Indicator Light Staying Off and the Device Fails to Power On
The ALARM Indicator Light Staying On and Failing to Log in to the Device
Networking Interface Failure
Product Upgrade Guide
Product Upgrade Steps
Product Pre-upgrade Inspection
Upgrade through the Web
Web-Based System Upgrade Methods
Web-Based System Upgrade Procedures
Offline Upgrade
Upgrade Through Central Manager
Central Manager-Based Upgrade Steps
Central Manager-Based Upgrade Procedures
Product Post-Upgrade Inspection
Network Connectivity
Device Health
Acronym
SDKs, APIs
CLI Document
Athena NGFW (Next-Generation Firewall)
{{ breadTitle }}
Deployment
Replacing Fortigate with NGFW
Cutover and Rollback Plan
Rollback Plan
Principles
{{sendMatomoQuery("Athena NGFW (Next-Generation Firewall)","Principles")}}
Principles
{{ $t('productDocDetail.updateTime') }}: 2026-01-04
Rollback plan must be pre-tested or verified
Recovery to original network within 10 minutes
FortiGate remains unchanged and ready
{{ $t('index.defaultHeader.chromeBrowserTip') }}