- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
Large organization - looking for recommendations of AI/ML tools that we could use to augment our traffic analysis and provide DoS/DDoS protections. I know there are many different ways this could be done but I'm just looking for some 1st-hand-experience on some solutions you guys implemented successfully:
- I am not familiar w/ Palo's AI/ML offerings in this space, if any
- I am interested in if it's possible to develop some sort of in-house neural network that could analyze our traffic logs and then help DoS/DDoS protection by Security Policy creation, or black-holing
- maybe something before the firewalls, at a router level, you could recommend
Thanks. I know this might be a spicy one.
Palo Alto does not focus on DDoS mitigation: Defending from DoS and volumetric DDoS attacks. The only exception is zone protection, but this is a basic feature. Building any solution on-premise will not protect you against volumetric DDoS attacks as your lines will get clogged before your on-premise devices could mitigate the attack. If you are protecting entire infrastructure, then I would be looking into scrubbing center (Either purchase this service or built your private one). If you are protecting web services, I would be looking into WAF solution. Alternative to these would be asking your ISP to enable DDoS protection on their side on ISP level.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!