Forum Discussion

Shinichi_Kawai's avatar
Shinichi_Kawai
Icon for Nimbostratus rankNimbostratus
Jun 26, 2025

Inquiries about Advanced WAF DoS Protection

Hi All, The customer using the BIG-IP i2800 with v17.1 has some questions regarding the Advanced WAF "DoS Protection" feature. Hoping you can help me with a few things below:   1. What is the defi...
security
Shinichi_Kawai's avatar
Shinichi_Kawai
Icon for Nimbostratus rankNimbostratus
Jun 27, 2025

Thanks for the quick reply, Injeyan! Here is my understanding:
- 1 HTTP request (L7) is counted as 1 transaction.
- Advanced WAF does not handle lower layers information such as TCP headers (L4) and IP headers (L3).

Q2 and Q3 are now clear as well.

  • Injeyan_Kostas's avatar
    Injeyan_Kostas
    Icon for Nacreous rankNacreous
    Jun 27, 2025

    Yes 1 Http request is 1 transaction 

    Waf itself is handling only L7. BIG-IP though has also some LTM funcionaltites even when only Waf is provisioned which you can use like SYN cookie protection.

    • Shinichi_Kawai's avatar
      Shinichi_Kawai
      Icon for Nimbostratus rankNimbostratus
      Jun 28, 2025

      Thanks Injeyan for the additional comment!
      I will propose some effective LTM functionalities along with adding the Advanced WAF DoS Protection feature.
      Since the customer has been experiencing DoS attacks about twice a month, they’re hoping to quickly implement protection using their existing BIG-IP i2800.