Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

where to deploy a ddos solution

Hi all

A question, If I was an internet based company

where would be best to deploy ddos protection?

and what are the best solutions for this ?

cheers

Carl

  • Firewalling
1 REPLY
Cisco Employee

where to deploy a ddos solution


http://en.wikipedia.org/wiki/Denial-of-service_attack

DDoS on IPS and you can configure MPF on the ASA to limit the amount of connections that should reach the server, this would only be if you know the expected amount.

IPS link, please read DDoS information.

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5729/ps5713/ps4077/data_sheet_c78-459520_ps6120_Products_Data_Sheet.html

Tcp intercept, the ASA is but a mitigation device that will prevent the attack to get to the server but will suffer the consequences like high CPU or running low on resources for other connections that are going through.

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/conns_connlimits.html

Attacks such like these are normally caused from the Internal LAN but if in any case it is external, developing a contingency plan with your ISP would be best, they can track down the source as you only have access to local resources and black hole them, block the source or get in touch with other providers to track down or attack the source to kill its resources.

Value our effort and rate the assistance!

Value our effort and rate the assistance!
120
Views
0
Helpful
1
Replies
This widget could not be displayed.