Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
517
Views
8
Helpful
1
Replies

Layer 7 attacks Vs CS-MARS

kashi_login
Level 1
Level 1

‎09-18-2009 07:03 AM

Does CS-MARS support mitigating layer 7 attacks ?

Thanks:)

Labels:
0 Helpful
1 Reply 1

Farrukh Haroon
VIP Alumni
VIP Alumni

‎09-26-2009 02:54 AM

There are two pieces of the puzzle here. First 'detecting' L7 attacks and the second is 'mitigating' them.

MARS is not a device meant to 'detect' attacks, this is done by the reporting device (IPS, Firewall with Deep Packet Inspection etc). Once these devices report data (events) into MARS, MARS will parse/process these events into meaningful 'incidents'.

These 'incidents' are generated based on MARS rules. You can configure 'mitigation' (Layer 2) for these incidents/attacks using MARS.

HTH, Please rate if helpful.

Regards

Farrukh

Customers Also Viewed These Support Documents