Suspicious Control Flow Detection; Figure 26: Typical Control Packet Processing - Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - SYSTEM BASICS CONFIGURATION GUIDE 2010-10-04 Configuration Manual
Software for e series broadband services routers system basics configuration guide
Hide thumbs
Also See for JUNOSE SOFTWARE FOR E SERIES 11.3.X - SYSTEM BASICS CONFIGURATION GUIDE 2010-10-04:
- Configuration manual (304 pages) ,
- Reference manual (284 pages)
Table of Contents
Advertisement
JunosE 11.3.x System Basics Configuration Guide
Figure 26: Typical Control Packet Processing
Suspicious Control Flow Detection
436
To reduce the chance of a successful denial of service (DoS) attack and to provide
diagnostic abilities while undergoing an attack, the system can detect suspicious control
flows and keep state on those flows. A flow is a specific control protocol on a specific
interface from a particular source. When the system determines that a control flow is
suspicious, it can take corrective action on that control flow.
Keeping full state on each control flow can use a large number of resources. Instead, the
system detects which flows have suspicious traffic. If a control flow is marked as
suspicious, every packet associated with the flow is considered suspicious. When a packet
is marked as suspicious, it is dropped based on drop probability before being delivered
to the control processor.
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
Troubleshooting
