How can I solve a DDoS attack on a vswitch?

Source: Internet
Author: User

There is a virus in a machine in a LAN. If the virus is not eliminated and isolated in time, other machines will soon be infected with the virus. Once the virus is infected with the whole site machine, the network anti-virus will be disabled, and a large amount of manpower and material resources will be invested in repeated checks; otherwise, the system will be damaged, and Internet cafes will be forced to shut down. Internet cafe owners are talking about viruses. Those who have experience in managing Internet cafes or data centers must know that viruses on machines are a headache, in particular, Intranet server DDoS attacks and switch DDoS attacks directly affect the security of Internet cafes. This article describes how to solve this problem.

1. install filtering software on PC

Similar to ARP defense software, it monitors all packets in the NIC and compares them with the content set by the software. Limited by the processing capability of the software itself, this type of software generally only filters TCP protocol, but does not filter UDP, ICMP, ARP and other packets used by a large number of games and video applications in Internet cafes.

2. Add firewall before key devices

Add a firewall before a key device to filter out DDoS attacks initiated by an intranet PC to a key device. This method installs a hardware firewall in front of each core network device, such as a core switch, router, or server, the overall protection cost is too high, which makes the solution unable to fully protect key devices in Internet cafes. At present, the overall firewall passing capability and protection capability of about 2-3 RMB is about 60 MB.

3. filter all DDoS attacks on the network through the Security Switch

Through the built-in hardware DDoS defense module of the switch, each port filters the received DDoS attack packets based on hardware. At the same time, when the switch enables DDoS attack defense, it also enables its own protocol protection to ensure that its CPU is not affected by DDoS packets.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.