Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Defensive mechnisms against DDoS (Distributed denial of service)

I have identified the following mechanisms to prevent and detect DDoS attacks. I would appreciate any additions or corrections on the subject. Furthermore, Can you direct me to any other best practices to detect and mitigate DDoS attacks.

Anti-spoofing mechanisms

• Blockage du dark space

• DHCP Snooping

• ARP inspection

• IP source Guard

• Unicast Reverse path forwarding URPF

• ACL

Managing resource saturation

• QoS

• Rate-limit

• Port security

Control plane and management plane

• Control plane policing CoPP

• Built-in CPU rate limits

• Selective packet discard

• Routing protocol and ARP policing mechanisms

• Traffic storm control

• Directed broadcast

• Cisco express forwarding

DDoS detection

• Netflow

• SNMP

• VACL

Server side protection

• SYNcookie

• Load balancing

• Reverse proxy

245
Views
0
Helpful
0
Replies