04-03-2009 04:16 AM - edited 03-09-2019 10:11 PM
What capabilities does the Guard/Detector have to protect from and mitigate application level DDoS attacks? (looking for a whitepaper or guide that shows the detailed capabilities)
What other solutions could help?
04-09-2009 03:16 PM
You can create a zone in the detector, which monitors for DDoS attacks. When the Detector identifies a DDoS attack, it can activate a Cisco Guard automatically to protect the zone against the attack, or it can notify the user to activate the Cisco Guard manually. The Detector can analyze the traffic for different zones simultaneously, as long as their network address ranges do not overlap.
04-14-2009 10:32 PM
I am not aware of any white paper detailing this, from my own experience
I don't remember in its reports something about application level
- only usual DOS stuff: half-open scans, pins sweeps, etc.
If you mean xss attacks, SQL injection
, protocol violation attacks - I cant recall seeing such in guard attack logs.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide