ddos_2_en

The ASA firewall is not a great choice in dealing with a volumetric DDOS, but they can come in handy with an application layer attack, such as a common HTTP POST/GET request from the attacker.

Within the ASA, you can filter certain strings that may come from an application layer payload using the regex command. The following link provides some insight into how to set up the layer 7 ‘firewall’ to block these queries from reaching a device past the ASA.

How to block HTTP DDoS Attack with Cisco ASA Firewall | Tech 21 Century.

Further reading on regex: http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/100535-asa-8x-regex-config.html

About The Author

Timothy started his networking career in 2014, working for one of the largest telecommunication operators in Australia. He has a passion for networking and cyber security. When he's not working, he's obsessing over German Shepherd Dogs.