For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

DDoS Mitigation With BIG-IP AFM

In a list of attack vectors that you would NOT want to see aimed at your network, a Distributed Denial of Service (DDoS) attack would most certainly make anyone’s top ten.  DDoS has been a hot to...
Published Mar 29, 2016
Version 1.0
AFM
ddos
security
series-devcentral-basics
svs's avatar
svs
Icon for Cirrostratus rankCirrostratus
Jan 25, 2017

Hi John,

 

thanks for the article. Unfortunately it does not cover how to find out the right values for all those fancy attack types TMOS can detect and stop. There are differences based on BIG-IP/VIPRION hardware and of course there are differences in the backend hardware. The BIG-IP i5800 has default a value for pps of 2.147.483.647. This number of pps is much to high for a "standard" Virtual Machine server.

 

There is a Whitepaper from David Holmes, listing Best Practices to mitigate DDoS attacks (https://f5.com/resources/white-papers/f5-ddos-protection-recommended-practices), but unfortunately it's completely outdated. It would be great if this would be updated, based on the most recent TMOS versions and features.

 

Greets, Sven