Denial-of-Service (DoS) attacks target critical network devices and attempt to consume their memory, bandwidth, and CPU cycles to prevent legitimate users from accessing those devices and their services. Use the guidelines in this site to plan, deploy, and maintain DoS and Zone Protection, and stop DoS attacks.
Table of Contents
What Do You Want to Do?
Segment Your Network Using Interfaces and Zones
How Do Zones Protect the Network?
Knowing how segmenting your network with zones protects your network helps you understand the best ways to segment your network.
Take Baseline CPS Measurements for Setting Flood Thresholds
Taking baseline measurements of average and peak CPS for each zone helps define reasonable thresholds to prevent floods without unnecessarily throttling traffic.
DoS Protection Against Flooding of New Sessions
Configure Packet Buffer Protection