Athena NGFW (Next-Generation Firewall)

Athena NGFW (previously known as Network Secure) provides comprehensive protection for every network perimeter, ensuring the safety of your valuable assets, data, and users from emerging threats.

8.0.85

{{item.code}}

Product Overview

Deployment

Installation Preparations

Deployment Mode

User Manual

Home

Security Operations

IoT Security

Business Asset Security

Summary of Business Asset Risks

Configuration Case

Summary of Attack Events

Passive Vulnerability Scan

User Security

Specialized Protection

Blacklist and Whitelist

Blacklist

Whitelist

Next-Gen Security

Endpoint Protection

Security Capabilities

Monitor

Logs

Security Logs

Security Logs

Access Logs

System Logs

TOP N

Configuration Procedures

Sessions

Bandwidth Management

Statistics

Application

Application Statistics Query Case

Traffic

Case of Viewing Traffic Statistics

Report

Diagnosis

Packet Tracing

Settings

Logging Options

Log Database

Policies

Network Address Translation

IPv4 NAT

IPv6 NAT

NAT64

DNS-Mapping

Configuration Example

Access Control

Application Control

GeoLocation Blocking

Configuration Steps

Local ACL

Configuration Steps

Connection Control

Configuration Example

Network Security

Security Protection Policy

Anti DoS/DDoS

Decryption

Decrypt Data to Internal Server

6.4.1.1Configuration Steps

Bandwidth Management

Channel Configuration

Link Settings

Authentication

User Authentication

Custom Webpage

Objects

Threat Signature Database

Security Database

Custom Database

Content Identification Database

Application Signatures Database

URL Category Database

File Types

Email Attachment Filter

Schedule

Network

Interfaces

Physical Interfaces

Edit Physical Interface

DHCP

DHCP Servers

Configuration Case

Advanced Networking

Configuration Case

SSL VPN

Resources

Roles

Sangfor/IPSec VPN

SD-WAN Configuration

Sangfor VPN Configuration

Logs

System

General Settings

Configuration Steps

License Activation Method

Troubleshooting

Tools

High Availability

Virtual Systems

Overview

System Management

Example

Resource Pools

Device Management

Central Management

O&M Management

Routine Inspection

Check the Security of the Device

Shortcut Functions

Restoration of the Device Configuration and Password

Restore the Password by Rebooting with a USB Flash Drive

Restore the Factory Settings

Patch Update Guidance

Precautions

Use of Auxiliary Tools

Troubleshooting

Emergency Event Handling

Product Upgrade Guide

Offline Upgrade

Product Post-Upgrade Inspection

Acronym

SDKs, APIs

API Document

Athena NGFW (Next-Generation Firewall)

Link Load-Balancing

{{sendMatomoQuery("Athena NGFW (Next-Generation Firewall)","Link Load-Balancing")}}

Link Load-Balancing

{{ $t('productDocDetail.updateTime') }}: 2026-01-06

When a company has multiple lines connecting to the internet, define the matching conditions according to source/destination IP addresses, ports, protocols, and applications, and select policies for the outbound interface to perform dynamic routing to realize effective bandwidth utilization and load balance for these lines.

Click Add and select Link load-balancing, as shown in the figure below.

A screenshot of a computer

Description automatically generated

Outbound Interfaces: Select multiple outbound interfaces for the policy and then perform load balancing according to the policy. Click Add to add outbound interfaces, as shown in the figure below.

A screenshot of a computer

Description automatically generated

Link State: The line will be regarded as faulty when configuring link detection for an interface, and either PING or DNS detection fails.

Load Balancing Method: Perform traffic load balancing according to the algorithm. There are four algorithms:

• Round robin: Evenly allocates connections to multiple WAN lines.

• Bandwidth ratio round robin: Allocates connections according to the ratio of WAN lines bandwidth.

• Weighted least traffic: Compares the current line traffic to the line bandwidth and selects the line with the minimum ratio to prioritize connecting first.

• Prefer link at top: It is used in scenarios requiring active and standby lines. All connections are allocated to the first line. If the first line fails, the connection will be switched to the second selected available line.

Configuration Case

A user has 2 WAN lines: China Telecom lines of 2M and 10M. The user wants to realize that when LAN users access public networks, the line with the least traffic is automatically selected.

Step 1.Navigate to Network > Routes > Policy-Based Route, and click Add to add link load-balancing routes. The page is as follows.

A screenshot of a computer

Description automatically generated

Step 2.Configure interfaces, as shown in the following figure.

A screenshot of a computer

Description automatically generated

Step 3.Select the Load Balancing Method, as shown in the following figure.

Step 4.Configure Link State Detection for the corresponding interface. Ensure the link switching can be performed when a link fails, as shown in the following figure.

A screenshot of a computer

Description automatically generated

Step 5.Check the configuration, as shown in the following figure.

1. To implement load-balancing among multiple WAN lines, Link State Detection must be enabled.

2. For link load-balancing, only WAN attribute interfaces can be selected.

3. Each WAN line must have a corresponding policy-based route, which can be a source-based route or a link load-balancing one.

{{ $t('index.defaultHeader.logo') }}

Athena NGFW (Next-Generation Firewall)

Link Load-Balancing

Configuration Case