I have a DoS profile with enabled TPS-based mode.
I configured it by src IP, GeoIP, URL and by site with different TPS criteria. I'm using only Request Block method of mitigation.
Question: how F5 should try to mitigate attack which exceed TPS criteria eg. by GeoIP? - strike up for blocking all src IP from suspicious GeoIP or any more specific activity? How it works in relation with "Escalation period"?
ASM DoS Profile
Excellent slide deck! Thanks you!
if that answered your question please flag it as such.