Hello
i want to make setting to resist ddos. what is your suggestion?for example what should be tcp and udp aggresive aging setting?
Thanks
Hi,
CheckPoint has a sk about "Best Practices - DDoS attacks on Check Point Security Gateway". It includes settings for aggresive aging.
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk112241&partition=Advanced&product=Security
hi i know this sk. but these values are default values. i want to learn what is the best values?
My guess is that this value should be modified according to the size of the appliance on the site that you are intending to protect , modifying tcp timeout can and will impact performance
Hi,
CheckPoint has a sk about "Best Practices - DDoS attacks on Check Point Security Gateway". It includes settings for aggresive aging.
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk112241&partition=Advanced&product=Security