Demonstration of Device DoS and Per-Service DoS protection

Dear Reader, This article is intended to show what effect the different threshold modes have on the Device and Per-Service (VS/PO) context. I will be using practical examples to demonstrate those ef...

Published Apr 08, 2020

Version 1.0

series-defense-against-ddos

threshold

Sven_Mueller

Ret. Employee

Joined February 03, 2011

View Profile

Sven_Mueller

Ret. Employee

Joined February 03, 2011

View Profile

Max_P

Nimbostratus

Jan 18, 2023

Hi Sven!

Thanks so much for your posts and sharing your scripts.

I've a question regarding the scripts, I was checking with the scripts one PO that has manually configured thresholds, and the value that is shown in the detection column doesn't correspond with the mitigation value divided by the tmm count.

Specifically, it was tested on an i5800 running BIG-IP 16.1.2.2 version, DDoS 16.1.0-9.0.20 version, and the mitigation threshold value is 4000 eps, the detection that is shown running the script is 1736.

Is something changed from where the scripts takes this value? or there is anotherway to see the detection per tmm?

Thanks!

Maxi

Demonstration of Device DoS and Per-Service DoS protection

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS