Cisco ASA 5515X Firewall. Getting a coordinated SYN attack against one of our websites hosted behind the firewall. My ASA's CPU is going to 100% and not allowing legitimate traffic through during this attack. It completely shuts down.

It is configured with an MPF policy to protect the website being attacked from a SYN flood, but even when this policy was removed the CPU stays pegged at 100%. My point here is that it doesn't seem like it's the policy that's causing the high CPU usage. Seems to simply stem from the device seeing so much traffic on the outside interface. When I look at CPU usage I see the datapath process consuming most of the CPU.

I cannot understand how a device like this allows folks to configure a protection for a SYN attack for a host the FW protects, but then have the flood cause such high CPU usage that the device itself cannot allow ANY traffic. What's the point of protecting a server behind the firewall if the firewall itself cannot handle the flood? Is there some reserve configuration that can be done to reserve some level of the CPU so the device just doesn't come crashing to its knees? I understand that a firewall has to process-switch each packet to protect the network, but it seems like there should be some way to ensure that the traffic level never causes the CPU to be totally used. Seems like the ASA platform is easily taken down by something like a SYN flood.

Can anyone offer a solution? My network is completely offline and Cisco TAC has no answer. Thanks in advance.