Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 419 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Intrusion prevention - DoS Settings

cyberguy

Hello commuity.
I'm trying to set up the DoS Protection, but, I'm not sure about the values to set.

With a 100MB/s of internet speed how could be the numbers?

I tried to set these number, but, it still dropping a lot of good traffic:
Packet rate per Source (Packet/min): 240000
Burst rate per Source (Packet/sec): 4000

Do you have any suggestion? is there a way to calculete the parametres?

Thanks.



This thread was automatically locked due to age.
Parents
  • 0

    Basically it depends. Most customer i see, disable the DOS protection, as nowadays, most customers interact with the ISP to get a DDOS protection at a much higher level. 

    Basically XG DOS Settings protect you per source. Most attacks are DDOS, so this will not hit. And the packets still arrives at your Interface. So even if you drop them on the firewall, it still overload your interface on WAN. Yes it will not be forwarded to the Host - But only if you are exposing a Host (DNAT). Proxy services have another level of DOS protection (WAF). 

    So the question remains, whether you will enable it or not. 

Reply
  • 0

    Basically it depends. Most customer i see, disable the DOS protection, as nowadays, most customers interact with the ISP to get a DDOS protection at a much higher level. 

    Basically XG DOS Settings protect you per source. Most attacks are DDOS, so this will not hit. And the packets still arrives at your Interface. So even if you drop them on the firewall, it still overload your interface on WAN. Yes it will not be forwarded to the Host - But only if you are exposing a Host (DNAT). Proxy services have another level of DOS protection (WAF). 

    So the question remains, whether you will enable it or not. 

Children
No Data