Portal Home > Knowledgebase > Articles Database > Advise on firewall
Advise on firewall
Posted by hbhb, 09-13-2009, 04:37 AM |
I'm pretty new in this situation, so pls bear with me.
1. My Windows2008 server was under 40mb DNS + ECHO attack today, and I was told there isn't workaround solution other than implementing hardware firewall. Is that true?
2. If this is true, say if I get myself a h/w firewall, I want to make my money worth while protecting the rest of my 15 servers on the same rack (Windows 2003 + 12 Linux servers). Is that possible?
3. I suppose by theory, this is how it works
Internet <--> DC Router <--> DC Switch <--> My Firewall <--> My Switch <--> My Server(s)
Enlight me and if there is better suggestion than this.. as I do not wish my service to be interupted when there are such attack in the future. FYI, this is the second time my Win2008 server under DNS attack.
|
Posted by hbhb, 09-14-2009, 02:35 AM |
Any advise on this, anyone?
|
Posted by Xous, 09-14-2009, 02:56 AM |
Hi hbhb,
If a DDoS saturates your uplink a hardware firewall will not do any good. If you can't afford to pay for the bandwidth the DDoS eat's it's likely that your DC won't host you.
A hardware firewall can take the load off your servers if it's configured properly and detects the attack.
You might try a hosting provider that specializes in DDoS protection. (This will be expensive).
|
Add to Favourites Print this Article
Also Read