How can I protect my DNS Servers from DDoS attack via LTM+ASM

Question

Hi
I have a setup of Big-IP LTM+ASM to load balance and secure various application. &nbsp;
Recently I did a configuration for load balancing my DNS Servers via iApp and it is working fine. &nbsp;
Now I want to protect my DNS Servers from various attack (especially DDoS). is it possible to block DDoS attack against DNS Servers via ASM? &nbsp;
If not how can I protect my DNS Servers from DDoS attack, any advice would be highly appreciated?&nbsp;

nathe · Answer

siru - i believe this depends on what version of ASM you have. If i recall DNS DoS protection was part of Protocol Security Manager, which then went end of sale and was integrated into ASM. You would need to create a DoS Profile and enabled DNS security. This would be applied to a Virtual Server. I think from 11.4.x this functionality was moved to F5's Advanced Firewall Manager instead, again same process.&nbsp;
Hope this helps - and hope and DNS experts could correct me if incorrect.&nbsp;
Many thanks,&nbsp;
N&nbsp;

Forum Discussion

How can I protect my DNS Servers from DDoS attack via LTM+ASM

1 Reply

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

L7 DoS Protection with NGINX App Protect DoS

Managing NGINX App Protect WAF for Beginners

F5 Essential App Protect: Go !

Protecting APIs with NGINX App Protect