cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
587
Views
0
Helpful
0
Replies
castleju1
Beginner

firewall capacity expansion for DDOS protectionI have to expand firewall capacity (max session) for ddos protection-L3


In my opinion, firewall is vulnerable to a session based attack ( like HTTP GET Flooding)


For DDOS protection.. I consider three items
1. remove the L4 in front of firewall (like firewall load balancer)
2. firewall active/active ( multiple context is not used - Cisco engineer is not recommendation)
3. Distributed traffic


Four kinds of technology
- L3 based load balancing ( traffic desctibution using L3)
- source ip  based routing ( PBR )
- switch stack
- dns load balancing


i attached file ( current firewall & nework architecture and new architecture )


I have a few guestions
1.  is  new network architecture possible..?
2.  additional issues..?


thanks

0 REPLIES 0