How do I configure the ProxySG appliance to detect DoS and or DDoS traffic from a client without enforcing actions on the client(s)?
search cancel

How do I configure the ProxySG appliance to detect DoS and or DDoS traffic from a client without enforcing actions on the client(s)?

book

Article ID: 166030

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

The ProxySG appliance attack detection feature added in SGOS 6.5.2.1 allows both detection and prevention of denial-of-service (DoS) and or distributed denial-of-service (DDoS) traffic from client hosts.

 

Resolution

To detect attack traffic and log incidents when the defined attack thresholds are exceeded without enforcing any action against the clients, you must use monitor-only mode. Limits can be applied at both the network and client levels.
 
To enable monitor-mode:
 
SGOS# configure terminal
SGOS#(config) attack-detection
SGOS#(config attack-detection) client
SGOS#(config client) default monitor-only

By default the feature is disabled.
 
For further information, refer to the "Preventing Denial of Service Attacks" chapter in the SGOS Administration Guide.
Powered by Wolken Software