How does Xiplik software deal with SYN attacks or similar forms of denial of service attempts?
XipLink operates as a split-connection TCP proxy. It implements SYN caching to protect the CPU from interrupt overloads, but is still vulnerable to some forms of SYN attacks. When an attack occurs, the maximum number of accelerated connections may be reached, at which point new connections bypass wireless optimization, but continue using standard TCP communications, assuming the link is not denied. Each optimizer can selectively bypass the optimization function based on operator defined rules based using TCP ports or IP addresses, once the source of the attack is determined. What are the maximum number of sessions per unit and what happens when the maximum is hit? The maximum number of sessions a XipLink wireless optimizer can handle is fundamentally determined by the CPU and memory available. In an embedded system this may be some bounded memory assigned to the optimization function. XipLink’s XA-Series of scalable appliances range from the very low end of 2 Mbps and 50 simultaneous o
Related Questions
- What Denial of Service attacks does the CSM handle (a) natively and (b) using features in the Catalyst? How does its SYN Flood protection work?
- Will FusionVM perform buffer overflows/denial of service attacks against my network application?
- How does Xiplik software deal with SYN attacks or similar forms of denial of service attempts?
