Welcome TO Our CCIT Communication System

The switch is attacked by the DDoS and how to defend

2018-05-28 10:00:57

There is a virus in a local area network. If the virus is not promptly killed and isolated, other machines will soon infect the virus. Once the virus infect the whole machine, it breaks down the net to kill the virus, and put in a lot of manpower and material resources to check it again and again. Internet cafe owners of the virus can be described as a color change, there have been Internet cafes or computer room management experience friends must know that the virus in the machine is a very headache, especially the internal network server DDoS attacks and switch DDoS attacks, directly affecting the network security problems, this paper to share the solution of this problem.

1. Install filter software on PC

It is similar to the ARP defense software, by monitoring all the packets in the network card, and comparing it with the content set by the software itself. Limited to the processing capability of the software itself, the type of software generally only filters the TCP protocol, but does not filter the UDP, ICMP, ARP, and other messages used in a large number of games and video applications in the Internet cafes.

2. Add a firewall before the key equipment

A firewall is set up before the key equipment to filter the DDoS attack launched by PC to key equipment. This method installs a hardware firewall in each core network equipment, such as core switches, routers, and servers, and the overall cost of protection is too high, making it impossible for the scheme to fully protect the many key equipment of the network bar. At present, the firewall's overall passing capacity and protection capacity of about 2-3 yuan are around 60M.

3, filter all the DDoS attacks in the network through the security switch.

Through the built-in hardware DDoS defense module of the switch, each port carries out hardware based filtering on the DDoS attack message received. At the same time, the switch enables DDoS protocol defense while opening its own protocol protection to ensure that its CPU is not affected by the DDoS message.