12-20-2018 02:21 AM - edited 02-21-2020 08:35 AM
I am using an ASA 5508X firewall. Is this device capable of stopping all types of DDoS attack? Like:
Volume Based Attacks
Protocol Attacks
Application Layer Attacks
Or should we go for some other device like Arbor DDoS Protection for the datacenter? Please suggest.
Thanks
12-20-2018 03:09 AM
For this you would need to use an NGFW such as Firepower, but there are more out there. Simply running ASA will not do application layer protection; Firepower can. If you need to protect your www-facing content, you need something like F5 ASM, but there is more out there. This will protect you against things like cross-site scripting and SQL injections etc.
12-20-2018 06:17 AM
Short answer is no. ASA does not have a DDoS protection mechanism built in as a feature. You can do rate-based policy based on source/destination networks, protocols, etc., but the whole idea of DDoS is that it is distributed to source from different networks. Plus the ASA5508 is one of the lower-end models, so it would not be able to take a high volume of traffic that is usually seen in a DoS attack. Arbor and Radware are more suited for DDoS protection.
05-09-2021 07:40 PM
The ASA can do basic Threat Detection including basic DoS protection. This document explains what all it does (by default):
ASA Threat Detection Functionality and Configuration - Cisco