Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3248
Views
0
Helpful
4
Replies

Detect DDOS attack?

tinhnho123
Level 2
Level 2

‎08-22-2013 01:31 PM - edited ‎03-11-2019 07:29 PM

Hello guys,

I have an ASA 5550 for 3 years, it's been working great. I was wondering how do I detect if I'm under DDOS/SYN attack from my ASA (ASDM or CLI)? How to mitigate the attack? Thanks.

Labels:
0 Helpful
4 Replies 4

Michael Muenz
Level 5
Level 5

‎08-23-2013 01:48 AM

ASA has basic threat detection features (ASDM -> Config -> Firewall -> Threat Detection) where you can configure it (SYN attacks). DDOS is not very specific because there are many variants of it, currently most of it are DNS attacks

Michael

Please rate all helpful posts

Michael Please rate all helpful posts
0 Helpful

tinhnho123
Level 2
Level 2
In response to Michael Muenz

‎08-23-2013 07:37 AM

I have those enabled now. I've heard a lot about DNS attacks but what exactly ASA can do to migitate it? if not what can I do/buy (I've heard of IPS module for ASA) to migitate it if it happens? Thanks and have a good Friday!

0 Helpful

Michael Muenz
Level 5
Level 5
In response to tinhnho123

‎08-23-2013 08:18 AM

http://www.prolexic.com/

Michael

Please rate all helpful posts

Michael Please rate all helpful posts
0 Helpful

Anthony.Herman
Level 1
Level 1

‎08-23-2013 03:42 PM

There are a lot of companies that specialize in Netflow products speficially tailored towards DDOS detection.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card