FWSM anti-dos option?

Unanswered Question
Dec 6th, 2009
User Badges:

Hi..


I have read that the fwsm has a serveral anti-dos option.

I has seached the fwsm anti-dos related document in CCO, But I can't yet.


first of all, I would like know that,

a. anti-dos feature in FWSM

b. if anti-dos in FWSM, How can I configuration?, Configuration guide


If you help me find it, I would appreciate it.

Thank you.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Tue, 12/08/2009 - 05:18
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

syjeon wrote:


Hi..


I have read that the fwsm has a serveral anti-dos option.

I has seached the fwsm anti-dos related document in CCO, But I can't yet.


first of all, I would like know that,

a. anti-dos feature in FWSM

b. if anti-dos in FWSM, How can I configuration?, Configuration guide


If you help me find it, I would appreciate it.

Thank you.

Have a look at this chapter in the configuration guide -


http://www.cisco.com/en/US/docs/security/fwsm/fwsm31/configuration/guide/protct_f.html


Jon

Panos Kampanakis Tue, 12/08/2009 - 11:07
User Badges:
  • Cisco Employee,

One example if you have a static for a server x would be that you want to have 100 conns maximum and 50 embryonics


static (mgmt,test) y x 100 50


The FWSM will proxy to verify that there is no SYN flood and that no more than 100 conns will go using that static.


Another to see a maximum number of connection for a specific traffic class is


policy-map test
class test
  set connection conn-max 100


I hope it helps.


PK

Actions

This Discussion