ebreniz Wed, 01/16/2008 - 11:45
User Badges:
  • Silver, 250 points or more

Yes you can Disabled the "SYN flood. It is the normalizer that detects the Syn Flood and, and can do syn cookies for protection of the Syn Flood. But as the ASA does the normalization, the normalizer is not running on the AIP-SSM and will not detect the Syn Flood on the AIP-SSM. So you need to rely on the ASA's Syn Flood protection (the ASA itself does Syn Cookies).

If this were an Appliance then the Appliance does run the Normalizer and is able to detect the Syn Flood and use Syn Cookies for protection (to turn on the Syn Cookie protection configure modify-packet-inline on sig 3050).

michelerossi Fri, 01/18/2008 - 00:03
User Badges:

Have you got an example config of the Asa to do This ?



This Discussion