https://community.cisco.com/t5/network-security/peak-bandwidth-utilization-problem/m-p/1598843#M559939 <HTML><HEAD></HEAD><BODY><P>Hi Rahil,</P><P></P><P>Unfortunately, there is nothing you can do from the firewall side besides blocking the packets in an ACL or shunning the attacker's source IP(s). However, as you've found, even if the packets are blocked by the ASA, they will still utilize bandwidth on your Internet link.</P><P></P><P>You would need to contact your ISP and ask them to stop this attack somewhere upstream on their infrastructure. They can blackhole the attacker's packets so that they never even reach your network. This is the only true way to stop attackers from overutilizing your bandwidth. Once the packets travel down the wire and reach your ASA, the bandwidth has already been used at that point.</P><P></P><P>Hope that helps.</P><P></P><P>-Mike</P></BODY></HTML> Tue, 15 Mar 2011 17:35:33 GMT mirober2 2011-03-15T17:35:33Z https://community.cisco.com/t5/network-security/peak-bandwidth-utilization-problem/m-p/1598842#M559938 <P>Dear ALL,</P><P></P><P>I am facing issue of high bandwidth utilization issue at customer site. And don't know how to address this issue. Customer having cisco asa deployed at perimeter. I am looking at firewall there are lot of attacks hitting firewall. like 445, 25, and others using higher port numbers. Then I applied access list to mitigate this problem and was done successfully. But bandwidth is on peak. How to stop this????</P> Mon, 11 Mar 2019 20:07:13 GMT https://community.cisco.com/t5/network-security/peak-bandwidth-utilization-problem/m-p/1598842#M559938 rahil khan 2019-03-11T20:07:13Z https://community.cisco.com/t5/network-security/peak-bandwidth-utilization-problem/m-p/1598843#M559939 <HTML><HEAD></HEAD><BODY><P>Hi Rahil,</P><P></P><P>Unfortunately, there is nothing you can do from the firewall side besides blocking the packets in an ACL or shunning the attacker's source IP(s). However, as you've found, even if the packets are blocked by the ASA, they will still utilize bandwidth on your Internet link.</P><P></P><P>You would need to contact your ISP and ask them to stop this attack somewhere upstream on their infrastructure. They can blackhole the attacker's packets so that they never even reach your network. This is the only true way to stop attackers from overutilizing your bandwidth. Once the packets travel down the wire and reach your ASA, the bandwidth has already been used at that point.</P><P></P><P>Hope that helps.</P><P></P><P>-Mike</P></BODY></HTML> Tue, 15 Mar 2011 17:35:33 GMT https://community.cisco.com/t5/network-security/peak-bandwidth-utilization-problem/m-p/1598843#M559939 mirober2 2011-03-15T17:35:33Z