How to prevent SYN Flood with IOS Firewall

proactive99
Level 1

Hello,

I'm deploying ASR1000 (also known as IOS Firewall), and would like to prevent some network attacks like the ones below with IOS Firewall. I believe there are some commands that can be configured in ASR, but I'm not sure how to use them.

1) SYN Flood attack

2) IP fragmentation attack

3) Detect and record the port scanning behavior.

Thanks in advance,

-Alejin

2 Replies

Panos Kampanakis
Cisco Employee

1) You can set connection limits for the Zone Based Firewall to not pass many connections. But if someone starts the SYN flood, the firewall cannot really prevent it. It can block it, but you can't stop someone from doing it.

2) The ASR1K Zone Based Firewall feature can be set to drop fragments.

3) An IPS would do that.

Generally speaking, all the above can also be done, and you can be notified of them better, from an IPS/IDS.

I hope it helps a little.

PK
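
The connection limits mentioned in the reply above could be configured along these lines. This is an added example, not part of the original reply and not Cisco's own sample; every name (PMAP-SYN-LIMITS, CMAP-TCP, PMAP-OUT-IN, zones OUTSIDE and INSIDE) and every threshold is a constructed placeholder, and command availability differs between IOS and IOS XE releases, so check it against the release running on the ASR1000.

```cisco
! Added example. All names and numbers are constructed placeholders;
! size thresholds from a measured baseline of legitimate traffic.
parameter-map type inspect PMAP-SYN-LIMITS
 ! Upper bound on sessions created under this policy
 sessions maximum 10000
 ! Half-open (incomplete) session thresholds: the firewall starts
 ! deleting half-open sessions above "high" and stops below "low"
 max-incomplete low 800
 max-incomplete high 1000
 ! Same idea, measured as new connection attempts per minute
 one-minute low 800
 one-minute high 1000
 ! Half-open TCP sessions allowed toward a single destination host,
 ! and how many minutes new attempts to that host stay blocked
 tcp max-incomplete host 100 block-time 5
 ! Seconds to wait for the handshake to complete after a SYN
 tcp synwait-time 15
!
class-map type inspect match-any CMAP-TCP
 match protocol tcp
!
policy-map type inspect PMAP-OUT-IN
 class type inspect CMAP-TCP
  ! Stateful inspection using the limits defined above
  inspect PMAP-SYN-LIMITS
 class class-default
  ! Log what is dropped so the limits can be tuned
  drop log
!
zone security OUTSIDE
zone security INSIDE
!
zone-pair security ZP-OUT-IN source OUTSIDE destination INSIDE
 service-policy type inspect PMAP-OUT-IN
```

As the reply notes, limits like these only bound what the firewall passes; the flood still consumes upstream bandwidth, so alerting on the drop logs matters as much as the thresholds.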
