How to fix the DDoS attack on the switch

Have Internet cafes or computer room management experience friends must know that the virus in the machine is very annoying things, especially the intranet server DDoS attacks and switch DDoS attacks, directly affect the security of Internet Café Network, to share solutions to this problem.

1, install the filter software on the PC

It is similar to the ARP defense software, by monitoring all the messages in the network card and compare it with the content set by the software itself. Limited by the software's own processing capacity, this type of software generally only filters TCP protocol, and the Internet cafes in a large number of games, video applications using UDP, ICMP, ARP and other messages do not filter.

2, the key equipment before adding a firewall

Key equipment before the installation of a firewall, filtering the intranet PC to the key equipment launched by the DDoS attack, the method in each core network equipment such as the core switch, router, server before installing a hardware firewall, the overall cost of protection is too high, so that the scheme can not be a large number of key equipment to carry out At present, about 230,000 of the firewall overall through the ability and protection capacity of around 60M.

3, through the security switch filter all DDoS attacks in the network

Through the switch built-in hardware DDoS defense module, each port for the received DDoS attack packets, hardware based filtering. At the same time, the switch enables the protection of its own protocol while opening DDoS attack defense, to ensure that its CPU is not affected by DDoS packets.

A local area network has a computer in the virus, if not timely anti-virus and isolation, other machines will soon be infected with the virus. Once the virus infected the whole machine, light cut off the net anti-virus, put a lot of manpower and material resources repeatedly check, heavy system damage, Internet cafes were forced to suspend business.