Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Detect DDOS attack?

Hello guys,

I have an ASA 5550 for 3 years, it's been working great. I was wondering how do I detect if I'm under DDOS/SYN attack from my ASA (ASDM or CLI)? How to mitigate the attack? Thanks.

4 REPLIES

Detect DDOS attack?

ASA has basic threat detection features (ASDM -> Config -> Firewall -> Threat Detection) where you can configure it (SYN attacks). DDOS is not very specific because there are many variants of it, currently most of it are DNS attacks

Michael

Please rate all helpful posts

Michael Please rate all helpful posts
New Member

Re: Detect DDOS attack?

I have those enabled now. I've heard a lot about DNS attacks but what exactly ASA can do to migitate it? if not what can I do/buy (I've heard of IPS module for ASA) to migitate it if it happens? Thanks and have a good Friday!

Re: Detect DDOS attack?

http://www.prolexic.com/

Michael

Please rate all helpful posts

Michael Please rate all helpful posts
New Member

Re: Detect DDOS attack?

There are a lot of companies that specialize in Netflow products speficially tailored towards DDOS detection.

484
Views
0
Helpful
4
Replies
CreatePlease login to create content