Views:

It is very common for traffic to be asymmetrical in both Service Provider and larger Enterprise networks due to the nature of routing within a large, complex environment with multiple entry and exit points. Since the bulk of the IPS filters are flow-based (meaning state kept per flow versus per session), attacks are detected in either send or receive directions.

By default, the TPS (T/TX/TXE Series) devices ship in Symmetric mode. When using Advanced Distributed Denial of Service (DDoS) protection filters or performing SSL inspection, the device must be able to see both sides of the traffic flow. This is configured in the TPS Device Configuration (TSE Settings) tab.

DDoS filters - Infrastructure protection filters detect DDoS attacks that flood a network with requests, including traditional SYN floods, DNS request floods against nameservers, and attempts to use protected systems as reflectors or amplifiers in attacks against third parties. Advanced Distributed Denial of Service (DDoS) filters enable you to create filters to detect denial-of-service attacks.

 
NOTE: DDoS protection filters are enabled by enabling SYN Proxy and specifying the Threshold level in the Profiles area of the SMS. No other Advanced DDoS options are available on the SMS.
Comments (0)