cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

How does ASM's dos strategy return the interception response page

longyuan
Altostratus
Altostratus

How does ASM's dos strategy return the interception response page? Is it possible to achieve DoS protection for behavioral and stress-based interception and return to the response page through irules?

3 REPLIES 3

Hi longyuan,

 

Behavioral DoS is much more effective against mitigating multi-vector Layer 7 DoS attacks.

Stress-based DoS is better at defining specific rate limits.

Technically it is possible to configure both protections concurrently, complementing each other.

From experience I recommend against configuring both of them together. BaDOS alone is fine, it works reliable. Setting threshold values for for stress-based mitigation can be cumbersome and is error prone.

 

Details about the mitigation methods can be read here:

https://techdocs.f5.com/en-us/bigip-14-1-0/big-ip-asm-implementations-14-1-0/preventing-dos-attacks-on-applications.html

 

KR

Daniel

longyuan
Altostratus
Altostratus

How to set the intercept response page for dos attack?

There in no response page you can configure, attackers will get a TCP reset.

See here: K04550557: Overview of BIG-IP ASM blocking response