
Defining Connection Limits with NAT Rules

The ASA algorithm supports the definition of acceptable connection limits within address translation statements. One key use of this feature is the containment of Denial of Service (DoS) attacks against specific hosts (typically servers). DoS mitigation for client-side addresses is analyzed in Chapter 11, “Additional Protection Mechanisms.”

Example 8-27 demonstrates how a limit for the number of simultaneous UDP connections can be defined for a host whose IP is being published with the static command. The example emphasizes that, after the configured number of 25 connections is reached, ASA stops accepting new requests.


  
