Manual Chapter :
Managing DoS Protection on managed devices
Applies To:
Show VersionsBIG-IQ Centralized Management
- 8.3.0, 8.2.0, 8.1.0, 8.0.0
Managing DoS Protection on managed devices
About device DoS configurations
The Device DoS Configurations screens are used to to manage the DoS Protection configured on managed BIG-IP devices.
Edit device DoS configurations
You can view and edit device DoS configuration properties using the Device DoS
Configuration Properties screen to better protect your systems against DoS
attacks.
- Click.
- In the Device DoS Configurations screen, click the name of the device configuration to view or edit.
- From theLog Publisherlist, specify whether to use a log publisher, and if so, which one.
- Below theLog Publisherlist, there might be a threshold field, depending on the version of BIG-IP device you are managing.
- If you are managing a BIG-IP device version 12.1.x, you can use theAuto Threshold Sensitivityfield to select a sensitivity value between 1 - 100.
- If you are managing a BIG-IP device version 13.0.x or later, you can use theThreshold Sensitivityfield to select the sensitivity.
- In the Network Security Dynamic Signatures area, select the settings for dynamic signatures. This setting is available only for BIG-IP devices version 13.0 or later.
- Specify theEnforcementsetting for Network Security dynamic signatures.
- To enable enforcement of dynamic DoS vectors, selectEnabled. When enforcement is enabled, all thresholds and threshold actions are applied. Enabling enforcement displays additional options.
- To apply no action or thresholds to dynamic vectors, selectDisabled.
- To track dynamic vector statistics, without enforcing any thresholds or limits, selectLearn-Only.
- Specify theMitigation Sensitivityfor dynamic signatures.
- In theRedirection/Scrubbingsetting, select whether to enable redirection and scrubbing of IP addresses identified by dynamic vectors. This enables handling of the dynamic vector hits by an IP intelligence category. Enabling redirection and scrubbing displays additional options.
- In theScrubbing Categorysetting, select the IP intelligence denylist category to which scrubbed IP addresses are sent.
- In theScrubbing Advertisement Timesetting, type the duration in seconds for which an IP address is added to the denylist category.
- In the DNS Security Dynamic Signatures area, select the settings for DNS Security dynamic signatures. This setting is available only for BIG-IP devices version 13.0 or later.
- Specify theEnforcementsetting for dynamic signatures.
- To enable enforcement of dynamic DoS vectors, selectEnabled. When enforcement is enabled, all thresholds and threshold actions are applied. Enabling enforcement displays additional options.
- To apply no action or thresholds to dynamic vectors, selectDisabled.
- To track dynamic vector statistics, without enforcing any thresholds or limits, selectLearn-Only.
- Specify theMitigation Sensitivityfor dynamic signatures.
- In the Attack Types Category area, click the category row to expand it so you can view or modify attack types within the category.
- In the Attack Types list, click the name of an attack type to modify its properties. Note that some properties are read-only.
- When you are finished modifying an attack type, clickOKto save your changes to that attack type.
- When you are finished modifying all attack types for the BIG-IP device, save your changes.
Copy device DoS configurations
You enable device DoS event logging using the the devices displayed in the list. When enabled, you can view these device DoS events using the
screens.For managed devices running versions earlier than 13.1.0.5, you can only view events from
screens.- Click.The Device DoS Configurations screen opens.
- To copy a DoS configuration from one BIG-IP device to another, click the check box to the left of the device to copy from and clickCopy.The Copy Device DoS Configuration dialog box opens.
- In the dialog box, select the devices to which the configuration should be copied and clickOK.The BIG-IP device versions must be the same for the device being copied from and the one or more devices to which the configuration is being copied.
The device DoS configuration is copied to the one or more other devices.