mirror of
https://github.com/pavel-odintsov/fastnetmon
synced 2024-05-27 21:26:18 +02:00
67a1fc61cc | ||
---|---|---|
.. | ||
README.md | ||
tps_base_config_v1.txt | ||
tps_zone_config_v1.txt |
#A10 Networks Thunder TPS Appliance Configs
##Base Config v1 Functionality
- Assumes TPS receives inbound traffic only (from the Internet to the protected service)
- Rate Limiters (GLID) for 10gbps, 1gbps, and 100mbps provided for use
- Basic TCP and UDP templates provided (syn-auth, UDP-auth, and low src port filter)
- BGP configuration for auto mitigation announcements (ddos-advertise route map)
- Base sFlow export configuration
- All events logged in CEF format
##Basic Zone Config v1 Functionality
- Filters L2, L3, L4 packet anomalies (consult A10 documentation for specifics
- Drops ICMPv4, ICMPv6, and all fragments
- Performs TCP SYN Auth for TCP dest ports 21,22,25,53,80,110,143,443,587,993,995,5060,5061
- Filters well-known UDP SRC ports
- Performs UDP Auth for UDP dest port 53
- blocks all other traffic
- Creates a "incident" in the TPS GUI when seeing any packets to these dest ports.
These are just examples. Current plugin does not receive rate info from FNM. Future revisions will
Author: Eric Chou ericc@a10networks.com, Rich Groves rgroves@a10networks.com
Feedback and Feature Requests are Appreciated and Welcomed.