Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
347
Views
0
Helpful
1
Replies

where to deploy a ddos solution

carl_townshend
Spotlight
Spotlight

‎11-26-2013 12:58 PM - edited ‎03-11-2019 08:09 PM

Hi all

A question, If I was an internet based company

where would be best to deploy ddos protection?

and what are the best solutions for this ?

cheers

Carl

Labels:
0 Helpful
1 Reply 1

jumora
Level 7
Level 7

‎11-26-2013 08:55 PM


http://en.wikipedia.org/wiki/Denial-of-service_attack

DDoS on IPS and you can configure MPF on the ASA to limit the amount of connections that should reach the server, this would only be if you know the expected amount.

IPS link, please read DDoS information.

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5729/ps5713/ps4077/data_sheet_c78-459520_ps6120_Products_Data_Sheet.html

Tcp intercept, the ASA is but a mitigation device that will prevent the attack to get to the server but will suffer the consequences like high CPU or running low on resources for other connections that are going through.

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/conns_connlimits.html

Attacks such like these are normally caused from the Internal LAN but if in any case it is external, developing a contingency plan with your ISP would be best, they can track down the source as you only have access to local resources and black hole them, block the source or get in touch with other providers to track down or attack the source to kill its resources.

Value our effort and rate the assistance!

Value our effort and rate the assistance!
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card