Personal Stateful Firewall Overview
Cisco ASR 5000 Series Product Overview ▄
Supported Features
The Personal Stateful Firewall supports the following features:
Protection against DoS Attacks
Application-level Gateway (ALG) Support
Stateful Packet Filtering and Inspection Support
Stateless Packet Filtering and Inspection Support
Host Pool, IMSI Pool, and Port Map Support
Flow Recovery Support
SNMP Thresholding Support
Logging Support
Protection against Denial-of-Service Attacks
Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks can deprive network resources/services
unavailable to its intended users.
DoS attacks can result in:
A host consuming excessive resources — memory, disk space, CPU time, etc. — eventually leading to a system
crash or providing very sluggish response.
Flooding of the network to the extent that no valid traffic is able to reach the intended destination.
Confusing target TCP/IP stack on destination hosts by sending crafted, malformed packets eventually resulting
in system crash.
DoS attacks can destroy data in affected mobile nodes. Stateful Firewall is designed to defend subscribers and prevent
the abuse of network bandwidth from DoS attacks originating from both the Internet and the internal network.
Types of Denial-of-Service Attacks
Personal Stateful Firewall can detect the following DoS attacks.
The DoS attacks are listed based on the protocol layer that they work on.
IP-based Attacks:
To Next Page
Loading...
