Guard & Detector and cc attack.

Unanswered Question
May 9th, 2009

I heared that the cisco G/D didn't reconize and defend cc attack the sort of ddos attack.


If right. How can I config to cisco G/D to defind cc attack? Is there any other way to filter cc attack?


Our boss get the information from internet to buy ddos filtering system. but the cisco G/D has a critical caveat to implement our ddos system.


We must filter cc attack , because of our www server, and related other , DB server.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Anonymous (not verified) Thu, 05/14/2009 - 06:06

The Guard module provides an attack report for each zone to help you form a comprehensive view of the attack. An attack begins when the Guard module produces the first dynamic filter and ends when no dynamic filter is in use and no new dynamic filters are added. Reports include details of the attacks that are organized into sections that describe different characteristics of the traffic flow during an attack. The Detector is a Distributed Denial of Service (DDoS) attack detection device that analyzes a copy of the zone traffic. The Detector can activate the Guard module attack mitigation services when the Detector determines that the zone is under attack. The Detector can also synchronize zone configurations with the Guard module.


http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/anomaly_guard/v6.1/configuration/guide/conffilt.html#wp1028144

Actions

This Discussion