Athena NGFW (Next-Generation Firewall)

Athena NGFW (previously known as Network Secure) provides comprehensive protection for every network perimeter, ensuring the safety of your valuable assets, data, and users from emerging threats.
8.0.85

WAF Signature Database

Update time: 2026-01-06

The WAF Signature Database covers application-layer attack packet features, including SQL injection, XSS attacks, website Trojans, website scanning, WebShells, cross-site request forgery, OS command injection, file inclusion attacks, directory traversal attacks, information disclosure attacks, and whole-site Web system vulnerabilities. When these attack packets pass through the device, they can be intercepted based on user settings to protect the server, as shown in the figure below.


Click Edit Global Action to change the action of all WAF protection rules at once. If Default action (initial system state) is selected, each rule keeps its system default state. If Block if attack detected is selected, the action of every protection rule is set to Enable, block after detection. In the system default state, traffic matching rules with the Medium threat level is allowed through, whereas once strict detection is enabled, traffic matching rules of any threat level is intercepted. See the figure below.

 


Type shows the rule database for the current protection type. Click the drop-down box next to the search box to view the rule IDs that belong to a given protection type. Rule Name shows the name of the corresponding protection rule, as shown in the following figure.


Rule Name: Shows the name of the protection rule.

Type: Displays the protection type that the current protection rule maps to, such as SQL injection.

Threat Level: Describes the severity of the current vulnerability. There are three levels: High, Medium, and Low. The higher the level, the higher the severity.

Status: Describes the action the device takes when it detects an attack. The values include Enabled. Block if attack detected; Enabled. Allow if attack detected; Enable; and Disable. This status can be customized. Click a rule name to go to the Edit Rule page, as shown in the figure below.


Enabled. Block if attack detected: Indicates that the current rule is enabled. When an attack is detected, the corresponding packet is blocked.

Enabled. Allow if attack detected: Indicates that the current rule is enabled. When an attack is detected, the packet is logged but not blocked.

Disabled: Indicates that the current rule is disabled. While the rule is disabled, the device does not perform detection for it.