11-26-2014 05:00 AM - edited 03-11-2019 10:08 PM
Hi all
Can anyone tell me the following
Can firewalls and IPS stop DDOS attacks? I see they can do basic protection, syn floods etc but they arent specifically designed to do so? is this correct?
Where would we best place these ddos devices, infront of the firewall or isp router?
how do they work, do they absorb and let through the legitimate traffic ?
cheers
11-26-2014 06:04 AM
Hi Carl,
Cisco ASA has option to protect from DDOS attack .
You have to create embryonic connection settings in the ASA.
Below link will guide you for the configuration
http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/conns_connlimits.pdf
Regards,
Shinu Kuruvila
11-26-2014 06:55 AM
Hi,
I think as you pointed out an actual DDOS attack would be very hard to stop against any firewall.
In most of the DDOS cases , we recommend blocking the attcking port or IP's being blocked on the ISP end.
It is always preferred to have the DDOS protection upstream to the ASA device as that will prevent those packets from even reaching the ASA device and causing this issue. I would recommend placing it somewhere between the ISP and ASA device.
Thanks and Regards,
Vibhor Amrodia
11-27-2014 05:51 AM
Hi
Which company can provide that device ? Juniper UTM will work ?
11-27-2014 12:47 PM
Arbor View PeakFlow are used to mitigate DOS & DDOS Attack.
11-26-2014 06:51 AM
You are right that the ASA has only minimal protection against DDOS. There are specialized devices available, but I think that Cisco doesn't have anything in the portfolio any more. Some time ago there was the Cisco Guard XT, but that is EOS/EOL.
If you are having problems with DDOS, the only one that really can help you is your provider. Whatever device you place into your network, they all can't help if your internet-link is completely saturated.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide