Chapter 9. Mitigating Attacks with Screens and Flow Settings

9.0. Introduction

In the world of computer and network security, there are myriad ways to launch an attack, which, from a network perspective, can generically be defined as “traffic that has malicious intent.” There are certainly computer attacks that no firewall can prevent, such as those executed locally on the machine by a malicious user (and those executed on a machine by an implement such as a sledgehammer). Fortunately, however, these types of threats are often handled by a physical security infrastructure. Unfortunately, the network then becomes a convenient launching point for an attack for those without physical access. From the network’s perspective, there are numerous types of attack. Although it’s a vast oversimplification, for the purposes of discussing screens and flow settings, we can group attacks into two types: brute force and precision. ScreenOS has the capability to protect against both types of attack.

Under the category of brute force attacks, perhaps none are better known than those that fall under the Denial of Service classification. Denial of Service (DoS) attacks are one of the most well-known network security threats, largely due to the high-profile way in which they can affect networks. Over the years, some of the largest, most respected Internet sites have been effectively taken offline by DoS attacks, and these events have, not surprisingly, received enough media attention to make DoS attack ...
