Showing results for 
Search instead for 
Did you mean: 

Better way to protect the edge

Carl Fitzsimmons

I have what I thought was going to be relatively easy task. Our syslog server logs more than 20,000 login attempts in 48 hours to log in using a variety of root, admin, administrator and random email accounts. While all have been prevented it may only be a matter of time before they are successful.

The network has an edge router C892FSP-K9 with several port forwarding statements for mail and a few other network services needed outside the office.

I moved ahead taking the logs and converting high occurrence attacks into an ACL and placing that on our edge egress interface a Cisco C892FSP-K9.

What happens is that we get a short lived benefit and then hammered again from new IPs.

I am rethinking the ACL solution I am currently using which uses a single IP Address DENY statement, one after the other, in an ACL list that is now hundreds of lines in length with at this time no apparent end in sight. I am think that there must be a better way to implement protection. The site does not want to move to an ASA device so I will need to implement using the C892FSP-K9.

So I am seeking a different way to implement edge security to stop such attacks and looking for some input on how to proceed.


6 Replies 6

I will check this out

Leo Laohoo
VIP Community Legend VIP Community Legend
VIP Community Legend

How big is the WAN link?

Cable at 400Mb

@Carl Fitzsimmons wrote:
Cable at 400Mb

A puny 89x router will not be able to push beyond 50 Mbps with "vanilla" config. 

Marvin Rhoads
VIP Community Legend VIP Community Legend
VIP Community Legend

I wouldn't chase router security options for this use case. If the business won't sponsor a proper enterprise firewall like a Cisco Secure 1000 series (or Fortinet/Palo Alto etc.) then even pfSense running on Netgate would work ok - and MUCH better than even an expertly tuned router.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers