Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1088
Views
0
Helpful
1
Replies

DDoS default settings

jhoffma_3
Level 1
Level 1

‎02-13-2013 02:11 AM - edited ‎03-11-2019 06:00 PM

Hi,

my question is: Which default settings are done on a Cisco ASA and a CISCO ASR (with firewall IOS) against DDoS attacks?

The Cisco ASR is configured as zone based firewall, which inspect all pakets.

I read the article

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/asr1000/sec-ddos-attack-prevn.html and wanted to know, what the device will do aiganst DDoS attacks, if I don't configure the settings from the "

Protection Against Distributed Denial of Service Attacks" guide.

Could you explain that for me?

Thanks in advance!

Labels:
0 Helpful
1 Reply 1

Julio Carvajal
VIP Alumni
VIP Alumni

‎02-28-2013 08:45 PM

Hi Julia,

Check the following links for further information

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/conns_threat.html

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00809763ea.shtml

We also have the normalizer inspection provided by the ASA that will inspect each tcp packet and make sure it conforms to the RFC,etc,etc,etc,etc

For the IOS firewall

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5708/ps5710/ps1018/prod_white_paper0900aecd804e5098.html

Does are the defaults that I could think at this moment,

Regards

Julio Carvajal

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Review Cisco Networking for a $25 gift card
li.common.scroll-to.top