{{ $t('index.defaultHeader.logo') }}

Athena NGFW (Next-Generation Firewall)

Athena NGFW (previously known as Network Secure) provides comprehensive protection for every network perimeter, ensuring the safety of your valuable assets, data, and users from emerging threats.

{{ $t('productSubHeader.tabs.document') }}

{{ $t('productSubHeader.tabs.bestPractice') }}

{{ $t('productSubHeader.tabs.case') }}

{{ $t('productSubHeader.tabs.software') }}

{{ $t('productSubHeader.tabs.bbs') }}

{{ $t('productSubHeader.searchLabel') }}

{{ $t('productDocDetail.guideClickSwitch') }}

{{ $t('productDocDetail.know') }}

{{ $t('productDocDetail.dontRemind') }}

8.0.39

{{item.code}}

User Manual

Overview

Installation and Deployment

Installation Preparations

Deployment Mode

Home Page

Security Operations

SOC

Business Asset Security

User Security

Specialized Protection

Next-Gen Security

Network

Interfaces

DHCP

ARP

Advanced Networking

Monitor

Logs

Sessions

Statistics

Reports

Options

Policies

Network Address Translation

Access Control

Security Policy

Decryption

Bandwidth Management

Authentication

Custom Webpage

Object

Security Protection Rule Database

Content Signature Database

IP Location Database

Schedule

Trusted Certificate Authority

System

General Configuration

High Availability

Active-Standby Deployment

Central Management

Configuration Example for Access of NGAF to CM

O&M Management

Routine Inspection

Shortcut Functions

Restoration of the Device Configuration and Password

Patch Update Guidance

Use of Auxiliary Tools

Troubleshooting

Emergency Event Handling

Product Upgrade Guide

Acronym

Athena NGFW (Next-Generation Firewall)

{{ breadTitle }}

Emergency Event Handling

Exception or Network Disconnection of Major Business System

{{sendMatomoQuery("Athena NGFW (Next-Generation Firewall)","Exception or Network Disconnection of Major Business System")}}

Exception or Network Disconnection of Major Business System

{{ $t('productDocDetail.updateTime') }}: 2026-01-07

Enable Precise traffic analysis for this business system to check whether it returns to normal. If so, view the interception logs to find out modules denying inbound and outbound packets, and modify the policy. Disable Precise traffic analysis to test whether the service access returns to normal. If not, enable Precise traffic analysis again and modify the policy according to the interception logs until failures are repaired.
Ping to the NGAF device from the LAN PC and test whether the PC can access the NGAF normally. If so, try to ping to the gateway and WAN from the NGAF using command-line tools, to confirm whether the WAN is available.
Enable Global passthrough and analysis to check whether the user can access the Internet. If so, view the interception logs to find out modules denying inbound and outbound packets, and modify the policy. Disable Global passthrough and analysis to test whether the Internet access returns to normal. If not, enable Global passthrough and analysis again and modify the policy according to the interception logs until failures are repaired.
Deploy a device in bridge mode and confirm whether bridge interfaces are bypass interfaces that are usually marked on the interface panel. If they are not marked, eth0 and eth2 ports are regarded as a pair of bypass interfaces. If the bypass interfaces are used as network bridge interfaces, turn off the device and test again.
Turn off the device and check whether the service returns to normal. If the eth0 and eth2 ports are not bypass interfaces, connect the uplink and downlink to a pair of bypass interfaces to check whether the service returns to normal, or directly skip the firewall and test again.
If you still fail to troubleshoot, skip the device and test again.
After that, if the business system returns to normal, contact the technical support engineer from Sangfor to check whether the device is abnormal.
If you still fail to troubleshoot, check whether the configurations of other network devices are abnormal.