Hi,
DDoS attacks are not supported by Firepower unless you have Radware DefensePro installed which is again supported only on 4100 and 9300 platforms. Please refer to the below link:
https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/radware/radware_ftd_qsg.html
However, DoS prevention can be configured under Rate Based attack as per the following link:
https://www.cisco.com/c/en/us/td/docs/security/firepower/650/configuration/guide/fpmc-config-guide-v65/detecting_specific_threats.html#ID-2236-00000281
Quoting from the above link:
"In a network analysis policy, you can either configure SYN flood or TCP/IP connection flood detection for the entire policy; in an intrusion policy, you can set rate-based filters for individual intrusion or preprocessor rules. Note that you cannot manually add a rate-based filter to GID 135 rules or modify their rule state. Rules with GID 135 use the client as the source value and the server as the destination value.
WhenSYN Attack Prevention is enabled, rule 135:1 triggers if a defined rate condition is exceeded.
When Control Simultaneous Connections is enabled, rule 135:2 triggers if a defined rate condition is exceeded, and rule 135:3 triggers if a session closes or times out."
Regards,
Carol