Scribd
Upload
96 views2 pages

Refer.3.3.3.AskF5 - Manual Chapter - AFM DoS - DDoS Protection

The document discusses DoS/DDoS protection features in BIG-IP Advanced Firewall Manager (AFM). AFM provides automatic and manual detection and mitigation of DoS/DDoS attacks through various methods, including attack vectors, dynamic signatures, custom signatures, and bad actor detection. Protection can be applied at both the device level and more granularly through individual protection profiles for specific applications and servers.

Uploaded by

Nguyen Ho Long
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
96 views2 pages

Refer.3.3.3.AskF5 - Manual Chapter - AFM DoS - DDoS Protection

The document discusses DoS/DDoS protection features in BIG-IP Advanced Firewall Manager (AFM). AFM provides automatic and manual detection and mitigation of DoS/DDoS attacks through various methods, including attack vectors, dynamic signatures, custom signatures, and bad actor detection. Protection can be applied at both the device level and more granularly through individual protection profiles for specific applications and servers.

Uploaded by

Nguyen Ho Long
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

1/28/2021 AskF5 | Manual Chapter: AFM DoS/DDoS Protection

Print

Applies To:
Manual Chapter : AFM DoS/DDoS Protection
Hide Versions Show Versions

BIG-IP AFM
15.0.1, 15.0.0

AFM DoS/DDoS Protection


AFM core features
BIG-IP Advanced Firewall Manager (AFM) denial-of-service or distributed denial-of-service (DoS/DDoS) Protection
is one of four AFM core features:
Network Firewall
Controls access to application resourcesusing industry-standard firewall-based rules.

DoS/DDoS Protection
Monitors and mitigates against denial-of-service and distributed denial-of-service (DoS/DDoS) attacks.

IP Intelligence
Restricts or allows data center access based on lists of source IP addresses (feed lists).

Reporting
Provides detailed graphical reports about network attack events.

AFM DoS/DDoS Protection is designed to protect your data center from attacks by detecting and mitigating a wide
range of malicious traffic patterns and packet types. Malicious traffic patterns and packets are also referred to as
attack vectors or attack signatures.

An effective DoS/DDoS solution blocks attack traffic while allowing legitimate traffic.

Automatic Detection and Mitigation


You can configure BIG-IP AFM to automatically detect and mitigate DoS/DDoS attacks using a wide variety of
custom and default attack vectors. You can also enable the BIG-IP AFM Dynamic Signature feature to create new
attack signatures and mitigate attacks based on traffic patterns that change over time.

Manual Detection and Mitigation

https://techdocs.f5.com/en-us/bigip-15-0-0/big-ip-system-dos-protection-and-protocol-firewall-implementations/afm-dos-protection.print.html 1/2
1/28/2021 AskF5 | Manual Chapter: AFM DoS/DDoS Protection

An effective DoS/DDoS protection solution requires an in-depth traffic analysis to determine the baseline traffic
patterns and thresholds, as well as attack patterns and thresholds. Once a traffic analysis is complete, you can
determine the appropriate DoS/DDoS attack vectors, and manually configure the detection and mitigation
thresholds for each.

AFM DoS/DDoS features


The BIG-IP AFM system includes a wide variety of features to detect and mitigate against Network, SIP and DNS
related DoS/DDoS attacks.

Attack Vectors
BIG-IP AFM uses industry standard Network, DNS and SIP attack vectors, or signatures, that can be configured to
detect and mitigate DoS/DDoS attacks.

Dynamic Signatures
Dynamic signatures are created by AFM DoS/DDoS Protection based on changing traffic patterns over time. When
a unique DoS attack is detected, a dynamic signature is created and can then be used for DoS/DDoS protection.

Custom Attack Signatures


You can create custom DoS/DDoS attack signatures for network and DNS traffic patterns and packets that do not
match either the default or dynamic attack signatures.

Bad Actor Detection


Bad Actor detection identifies IP addresses that engage in attacks targeting many destinations. The AFM system
can automatically blacklist Bad Actor IP addresses with specific thresholds and time limits.

About device protection and protection pro les


BIG-IP Advanced Firewall Manager (AFM) applies DoS/DDoS attack protection at two levels: Device Protection
and Protection Profiles. Device Protection is used to protect the entire BIG-IP system, while Protection Profiles are
used to protect individual virtual servers, known as Protected Objects. Having two levels of protection provides
the ability to adapt detection and mitigation levels for specific devices or applications.

https://techdocs.f5.com/en-us/bigip-15-0-0/big-ip-system-dos-protection-and-protocol-firewall-implementations/afm-dos-protection.print.html 2/2

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy