• Attack Categories and DDoS architecture components:
    • Volumetric – Flood-based attacks that can be L3-4 or L7
      • Cloud-based Scrubbing Service (Silverline)
      • Web Application Firewall (ASM)
      • GTM Express
    • Asymmetric – Attacks designed to invoke timeouts or session-state changes
      • Web Application Firewall (ASM)
    • Computational – Attacks designed to consume CPU and memory
      • Application Delivery Controller (LTM)
        • Slowloris attack migration
        • Adaptive connection reaping (computational-RAM attack)
      • Network Firewall (AFM)
    • Vulnerability-based – Attacks that exploit software vulnerabilities
      • IP Reputation Database (IPI)
        • DNS configuration is required for this functionality
      • Intrusion Prevention/Detection Systems (IDS/IPS) – ASM Negative Security
      • Application Delivery Controller (LTM)
  • Attacks mitigated based on component
    • SilverLine DDoS Protection
      • Volumetric floods
      • Amplification (NTP, SNMP, DNS)
      • Protocol whitelisting
    • AFM/LTM
      • SYN floods
      • ICMP floods
      • Malformed packets
      • TCP floods
      • Known bad actors
    • LTM/ASM
      • Slowloris (LTM aggressive connection reaping)
      • Slow POST (LTM aggressive connection reaping)
      • Apache Killer
      • RUDY/Keep Dead
      • SSL attacks
    • GTM (DNS Express)
      • UDP floods
      • DNS floods
      • NXDOMAIN floods
      • DNSSEC attacks