I have a setup of Big-IP LTM+ASM to load balance and secure various application.
Recently I did a configuration for load balancing my DNS Servers via iApp and it is working fine.
Now I want to protect my DNS Servers from various attack (especially DDoS). is it possible to block DDoS attack against DNS Servers via ASM?
If not how can I protect my DNS Servers from DDoS attack, any advice would be highly appreciated?
siru - i believe this depends on what version of ASM you have. If i recall DNS DoS protection was part of Protocol Security Manager, which then went end of sale and was integrated into ASM. You would need to create a DoS Profile and enabled DNS security. This would be applied to a Virtual Server. I think from 11.4.x this functionality was moved to F5's Advanced Firewall Manager instead, again same process.
Hope this helps - and hope and DNS experts could correct me if incorrect.