Solved: Can Cisco FTD block DDoS attack?

King_1988 · ‎08-08-2023

Hi Good People

We have cisco 2100 ftd managed by FMC. Can this block DDoS attack or any model of ftd or do we need any license?

Marvin Rhoads · ‎08-10-2023

Only in the most basic sense (protect against syn floods, scanners etc.).

True DDoS protection (for instance from volumetric attacks) requires an external service like the Radware service. It is available as an optional add-on for 4100, 4200 and 9300 series (or as separate appliances or cloud-delivered as a service).

View solution in original post

marce1000 · ‎08-08-2023

- Review this thread : https://community.cisco.com/t5/network-security/ftd2100-ddos-protection/td-p/4143697

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

King_1988 · ‎08-09-2023

Thanks. But it would be better if you can reply in just summary of this. Whether it blocks DDos or not? And which license/feature needed to block DDos?

Georg Pauwen · ‎08-08-2023

Hello,

as far as I recall, the FTD 4100 does support advanced DDoS protection.

https://www.cisco.com/c/en/us/products/security/secure-ddos-protection/index.html#~products

King_1988 · ‎08-09-2023

Can you please confirm? I need the correct info. FTD2100 supports DDoS blocking?

Marvin Rhoads · ‎08-10-2023

Only in the most basic sense (protect against syn floods, scanners etc.).

True DDoS protection (for instance from volumetric attacks) requires an external service like the Radware service. It is available as an optional add-on for 4100, 4200 and 9300 series (or as separate appliances or cloud-delivered as a service).

King_1988 · ‎08-10-2023

Thanks a lot Marvin for the specific answer.