Forum Discussion

dechir_21483's avatar
dechir_21483
Icon for Nimbostratus rankNimbostratus
Nov 18, 2012

DDOS

HI.

 

I need to configure ddos prevention on our ASM module ( big ip 8900).

 

My questions is:

 

1-what means by TPS ? is it request ?

 

2- What is the best practice to configure ddos prevention? TPS-based or latancy based ? and what are the best parameters ?

 

Best Regards.

 

APM
app sec
security

5 Replies

Sort By
  • Mike_Maher's avatar
    Mike_Maher
    Icon for Nimbostratus rankNimbostratus
    Nov 19, 2012
    TPS stands for Transaction per Second. I am not sure if there is a best practice between the two I am in the process of implementing TPS based protection on my critical applications. The parameters are really going to be subject to your application and infrastructure, you need to look at what the TPS is currently and historically for the applications you are planning to protect, so you can determine what is normal and what is peak traffic for said application. One other thing you could look at would be at what point does the application or infrastructure tip over and set your threasholds somewhere between that and your historical high water mark for peak traffic.

     

     

  • What_Lies_Bene1's avatar
    What_Lies_Bene1
    Icon for Cirrostratus rankCirrostratus
    Nov 19, 2012
    Mike, just out of interest would you know what the definition of a transaction is please?
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Nov 19, 2012
    I think a TPS for this ASM DoS scenario is an HTTP request/response.

     

     

    Aaron
  • Mike_Maher's avatar
    Mike_Maher
    Icon for Nimbostratus rankNimbostratus
    Nov 19, 2012
    I believe it is just defined as a single request so one GET or POST. Technically one page could contain multiple requests with the loading of images, stylesheets, and the like.