10-23-2014 02:32 PM - edited 02-21-2020 05:18 AM
I have been hearing about how DDoS attacks are on the rise.
My ASA only has the firewall, which, from what I read, makes it no more than a PIX firewall.
Is there a way to determine if my ASA is being probed and/or being subjected to a DDoS attacks?
I work at another company, also, that had a simple firewall. A DDoS attack kept them from normal operations for 2 weeks.
I want to avoid that!
Or is there other criteria I can use to demonstrate a need for it?
Thanks,
10-24-2014 12:01 AM
The Security Module (SSC) in the ASA 5505 (which is already announced EOL) wouldn't help you against DDOS attacks. The module ist just an IPS which works signature-based. The typical company hast to ask the ISP for support against DDOS, but the ISPs take good money for that.
10-24-2014 08:22 AM
Hello, Mike.
The security module on the ASA 5505 are indeed End of Life. Is this a new ASA 5505 that you recently purchased? If you are already considering upgrading, you can check the ASA 5500-X models with the new FirePOWER services which is a next generation IPS and anti malware.
Let me know if you have other concerns or e-mail (adawa@cisco.com) me directly. Kind regards.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide