cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
443
Views
0
Helpful
2
Replies

Application Level DDoS attacks - Cisco Guard?

Iselator71
Level 1
Level 1

What capabilities does the Guard/Detector have to protect from and mitigate application level DDoS attacks? (looking for a whitepaper or guide that shows the detailed capabilities)

What other solutions could help?

2 Replies 2

jsivulka
Level 5
Level 5

You can create a zone in the detector, which monitors for DDoS attacks. When the Detector identifies a DDoS attack, it can activate a Cisco Guard automatically to protect the zone against the attack, or it can notify the user to activate the Cisco Guard manually. The Detector can analyze the traffic for different zones simultaneously, as long as their network address ranges do not overlap.

I am not aware of any white paper detailing this, from my own experience

I don't remember in its reports something about application level

- only usual DOS stuff: half-open scans, pins sweeps, etc.

If you mean xss attacks, SQL injection

, protocol violation attacks - I cant recall seeing such in guard attack logs.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: