zone protection test doc.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

zone protection test doc.

Not applicable

Hello all.

I tested some of the DOS/DDOS tool set against PA-4050.

I want to share my humble doc to you.

some of them still remain question to me.. I'll open the support case for that.

if you have some input, please email me.

thank you~.

BH Lee

2 REPLIES 2

L4 Transporter

Hello Lee

Thank you for the detailed analysis. From looking at your document, i see that the victim is DDOS_External zone and you have applied the zone protection in the DDOS_Internal zone. All your traffic logs show the source and destination zone to be DDOS_Internal zone.

Zone protection profile must be applied to the destination zone, the zone where the victim is connected. Can you pls confirm your topology is correct representation of how the devices are physically connected?  I would like to look at the configuration on your device.

Thank you

Jerish

Not applicable

thank you for the response.

as you recommended(destination zone), I only applied the zone protection profile where victim is reside.

but the test result is same..

when UDP dst port is fixed, both zone protection and dos protection failed to enforce it's rule.

more interesting one is.. when sending '19)non spoofed DNS attack' packet, the pkt_recv cnt never goes up.. the rate is remain same..(firmware 3.1.7 and firmware 4.0.1 show same result)

is there anything that I'm missing?

I'm drawing the blank..

Global counters:
Elapsed time since last sampling: 374.668 seconds

name                                 value     rate severity  category  aspect    description
--------------------------------------------------------------------------------
pkt_recv                              1081        2 info      packet    pktproc   Packets received
pkt_sent                               685        1 info      packet    pktproc   Packets transmitted
pkt_alloc                              446        1 info      packet    resource  Packets allocated

any input will be appreciate.

thank you very much.

BH Lee

  • 3726 Views
  • 2 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!