Re: FWSM anti-dos option?

syjeon · ‎12-06-2009

Hi..

I have read that the fwsm has a serveral anti-dos option.

I has seached the fwsm anti-dos related document in CCO, But I can't yet.

first of all, I would like know that,

a. anti-dos feature in FWSM

b. if anti-dos in FWSM, How can I configuration?, Configuration guide

If you help me find it, I would appreciate it.

Thank you.

Jon Marshall · ‎12-08-2009

syjeon wrote:

Hi..

I have read that the fwsm has a serveral anti-dos option.

I has seached the fwsm anti-dos related document in CCO, But I can't yet.

first of all, I would like know that,

a. anti-dos feature in FWSM

b. if anti-dos in FWSM, How can I configuration?, Configuration guide

If you help me find it, I would appreciate it.

Thank you.

Have a look at this chapter in the configuration guide -

Jon

Panos Kampanakis · ‎12-08-2009

One example if you have a static for a server x would be that you want to have 100 conns maximum and 50 embryonics

static (mgmt,test) y x 100 50

The FWSM will proxy to verify that there is no SYN flood and that no more than 100 conns will go using that static.

Another to see a maximum number of connection for a specific traffic class is

policy-map test
class test
set connection conn-max 100

I hope it helps.

PK