How to secure a BGP border router connected to upstream ISPs against DoS and DDoS attack and other attacks which exist out there in order to protect my customers since our border represents the fit..we receive just a default route from ISPs
Another thing to consider is to filter Bogons from your external interface. These are source address that should not appear in an IP packet on an interface that faces the public Internet. A good example are address in the RFC 1918 address range. External attackers will try to spoof your internal addres space in order to gain acces to your network or to launch DDoS attacks.
Thanks a lot guys for ur great contribution,i gonna use thes posts as my reference now i can proceed to protect my network and a bit my customer they will be protected since our border is the first line of defense my customer will use FW and IPS this stuff up to them
i have read that asr with ios XE has a built in security features against DoS and DDoS?any comments?
CAR at the border it might shape legitimate connection , then we my get performance issue!!!!!
guys,i wondering , if u receive default route from the ISPs do y need the whole filtering
This document gives several answers on frequently asked questions for PFRv3 channel state behavior.
Q1: What are all the channel operational states from a BR (border role) perspective and what are the rules/conditions to be in each st...
The need was to reach an host inside a LAN through a VPN connection managed by the LAN gateway (Cisco 1921).
The LAN gateway performs NAT and there was a dedicate nat rule for the host i wanted to reach through VPN.
I couldn't connect to the hos...
We have 3 identical switches configured by someone else and would like to claim some of the Gigabit ports(G1/G2/G3/G4) for use on servers. When we try to change the wiring and configuration, we run in to connectivity issues. Attached is a des...