DDoS default settings
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-13-2013 02:11 AM - edited 03-11-2019 06:00 PM
Hi,
my question is: Which default settings are done on a Cisco ASA and a CISCO ASR (with firewall IOS) against DDoS attacks?
The Cisco ASR is configured as zone based firewall, which inspect all pakets.
I read the article
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/asr1000/sec-ddos-attack-prevn.html and wanted to know, what the device will do aiganst DDoS attacks, if I don't configure the settings from the "
Protection Against Distributed Denial of Service Attacks" guide.
Could you explain that for me?
Thanks in advance!
- Labels:
-
NGFW Firewalls
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-28-2013 08:45 PM
Hi Julia,
Check the following links for further information
http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/conns_threat.html
http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00809763ea.shtml
We also have the normalizer inspection provided by the ASA that will inspect each tcp packet and make sure it conforms to the RFC,etc,etc,etc,etc
For the IOS firewall
Does are the defaults that I could think at this moment,
Regards
Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
