Results 1 to 11 of 11
  1. #1

    recommended external firewall...

    hey,
    i have 15 dedicated servers connected to a cisco 2960 switch
    i want to setup gateway firewall to block DDOS attacks over my network.
    i need recommendation for a good firewall that can block attacks up to 100mbps

    thanks.

  2. #2
    Join Date
    Nov 2003
    Posts
    538
    The Mbps really isn't that big of a deal, the issue you will run into is firewalls have a finite number of sessions that they can track in their state table before they just starting dropping all of your packets. The sad part is that a lot of firewall manufacturers actually use the session limit as a licensing metric to get you to upgrade your firewall with a key.

    So you can Null route the traffic, or forward it to a scrubber assuming that this solution makes sense financially.
    XLHost.com
    Dedicated Servers, Virtual Private Servers, and more since 1995.
    drew @ xlhost.com

  3. #3
    so if i want to prevent the attack without using null route?
    there is other solution?

  4. #4
    Join Date
    Feb 2012
    Location
    /home
    Posts
    333
    http://www.worldsfastestfirewall.com/

    Dont know if its in ur budget or now

  5. #5
    Join Date
    Nov 2003
    Posts
    538
    Yes, there are solutions, all of them are pretty cost prohibitive except for Cloudflare (which is free) and there is always some point where the volume of traffic is going to overwhelm your willingness to pay for the solution.
    XLHost.com
    Dedicated Servers, Virtual Private Servers, and more since 1995.
    drew @ xlhost.com

  6. #6
    Join Date
    Jan 2011
    Location
    UK
    Posts
    132
    SYN cookies?

  7. #7
    not only, UDP too

  8. #8
    Join Date
    Feb 2012
    Location
    /home
    Posts
    333
    It could be Possible that the attacks are Spoofed SYN,UDP

  9. #9
    Join Date
    Nov 2003
    Posts
    538
    Quote Originally Posted by atomiclayer View Post
    http://www.worldsfastestfirewall.com/

    Dont know if its in ur budget or now
    I have a feeling that his uplink(s) would saturate before that particular solution had a chance to help him.
    XLHost.com
    Dedicated Servers, Virtual Private Servers, and more since 1995.
    drew @ xlhost.com

  10. #10
    Join Date
    Feb 2012
    Location
    /home
    Posts
    333
    Quote Originally Posted by XLHost View Post
    I have a feeling that his uplink(s) would saturate before that particular solution had a chance to help him.
    Well My Provider has the firewall and i get spoofed attacks

    UDP and SYN, and also UDP and Slowloris attacks

    the Fortinet firewall they have manages to carry out and block the attacks.

  11. #11
    Join Date
    Jan 2011
    Location
    UK
    Posts
    132
    Installing/improving firewall(s) and adding switches to your dedicated server help.

Similar Threads

  1. Recommended Firewall?
    By empoweri in forum Colocation, Data Centers, IP Space and Networks
    Replies: 16
    Last Post: 09-22-2007, 08:39 PM
  2. Firewall, external box
    By attroll in forum Colocation, Data Centers, IP Space and Networks
    Replies: 14
    Last Post: 02-01-2007, 07:11 AM
  3. external firewall
    By Nygaff in forum Hosting Security and Technology
    Replies: 1
    Last Post: 07-17-2004, 02:57 PM
  4. Recommended Hardware Firewall
    By Alan - Vox in forum Hosting Security and Technology
    Replies: 30
    Last Post: 12-16-2002, 12:46 PM
  5. recommended firewall on a redhat server
    By 7thdesire in forum Running a Web Hosting Business
    Replies: 8
    Last Post: 10-16-2002, 08:24 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •