Manual Chapter : About AFM DoS/DDoS Protection

Applies To:

Show Versions Show Versions

BIG-IP AFM

  • 15.0.0
Manual Chapter

About AFM DoS/DDoS Protection

BIG-IP Advanced Firewall Manager (AFM) denial-of-service or distributed denial-of-service (DoS/DDoS) Protection is one of four AFM core features:
Network Firewall
Controls access to application resourcesusing industry-standard firewall-based rules.
DoS/DDoS Protection
Monitors and mitigates against denial-of-service and distributed denial-of-service (DoS/DDoS) attacks.
IP Intelligence
Restricts or allows data center access based on lists of source IP addresses (feed lists).
Reporting
Provides detailed graphical reports about network attack events.
AFM DoS/DDoS Protection is designed to protect your data center from attacks by detecting and mitigating a wide range of malicious traffic patterns and packet types. Malicious traffic patterns and packets are also referred to as
attack vectors
or
attack signatures
.
An effective DoS/DDoS solution blocks attack traffic while allowing legitimate traffic.

Automatic Detection and Mitigation

You can configure BIG-IP AFM to automatically detect and mitigate DoS/DDoS attacks using a wide variety of custom and default attack vectors. You can also enable the BIG-IP AFM Dynamic Signature feature to create new attack signatures and mitigate attacks based on traffic patterns that change over time.

Manual Detection and Mitigation

An effective DoS/DDoS protection solution requires an in-depth traffic analysis to determine the baseline traffic patterns and thresholds, as well as attack patterns and thresholds. Once a traffic analysis is complete, you can determine the appropriate DoS/DDoS attack vectors, and manually configure the detection and mitigation thresholds for each.