Application Delivery (ADX)

Reply
New Contributor
Posts: 2
Registered: ‎12-21-2014

DOS attack and ADX1000

HI ,

 

I am using ADX1000, i have faced DOS attack several time from local network. i have enabled syslog on ADX, but i am not getting more than SRC/DST IP address and ports.

 

how do i identify the DOS attach from src ip address, since we have thousand of users, how can i identify dos ip ....

 

 

 

Regards

 

 

Contributor
Posts: 74
Registered: ‎08-18-2011

Re: DOS attack and ADX1000

I am not sure what is your configuration and what kind of attack you are seeing but here are some options that you can use. 

1. Syn Defense (If you are seeing lots of syn packets from clients which don't exist)

2. Client transaction rate limiting feature on virtual server.  (If some clients are sending genuine traffic but large number of requests)

3. Security filter. (If there is a particular pattern in the attack traffic you can block simillar packets matching that pattern using this feature)

4. Traffic prioritization (This feature is in the new releases of firmware and it lets you choose important services and making sure that traffic to those services is not dropped when CPU is under stress.

 

You can have a look at the security guide or talk to the support for which features are more applicable in your case. 

 

 

 

-Mohit Sahni

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook