The BIG-IP AFM system includes a wide variety of features to detect and mitigate against Network, SIP and DNS related DoS/DDoS
BIG-IP AFM uses industry standard Network, DNS and SIP attack vectors, or signatures, that can be configured to detect and mitigate DoS/DDoS attacks.
Dynamic signatures are created by AFM DoS/DDoS Protection based on changing traffic patterns over time. When a unique DoS attack is detected, a dynamic signature is created and can then be used for DoS/DDoS protection.
Custom Attack Signatures
You can create custom DoS/DDoS attack signatures for network and DNS traffic patterns and packets that do not match either the default or dynamic attack signatures.
Bad Actor Detection
Bad Actor detection identifies IP addresses that engage in attacks targeting many
destinations. The AFM system can automatically blacklist Bad Actor IP addresses with specific
thresholds and time limits.