APIRef_tm_security_dos_device-config¶
mgmt/tm/security/dos/device-config
Global device DoS profile configuration
REST Endpoints
- Collection URI
/mgmt/tm/security/dos/device-config- Collection Methods
OPTIONS, GET- Resource URI
/mgmt/tm/security/dos/device-config/~resource id- Resource Methods
OPTIONS, GET, PUT, PATCH, POST- Resource Natural Key
name, partition, subPath
Properties
| Name | Type | Default Value | Required | Access | Description |
|---|---|---|---|---|---|
autoThresholdSensitivity |
integer | 50 | optional | read/write | Deprecated settings. |
logPublisher |
string | optional | read/write | List of log destinations | |
tmPartition |
string | Common | optional | read/write | |
thresholdSensitivity |
string | medium | optional | read/write | Guidance of how aggressively to learn thresholds for Autodos and Behavioral DoS (dynamic signatures) features. |
Structures
| Name | Type | Default Value | Required | Access | Description |
|---|---|---|---|---|---|
/dynamic-signatures |
array_structure | optional | read/write | ||
/dynamic-signatures/detection |
string | disabled | optional | read/write | Specifies the detection mode for dynamic signatures feature at device level. |
/dynamic-signatures/mitigation |
string | none | optional | read/write | Specifies the mitigation mode for dynamic signatures feature at device level. |
/dynamic-signatures/scrubber-advertisement-period |
integer | 300 | optional | read/write | Specifies the advertisement period for which the attack traffic is scrubbed. Default is 300 seconds. |
/dynamic-signatures/scrubber-category |
string | optional | read/write | Specifies the IP Intelligence category used for scrubbing the attack traffic upon dynamic signature match that constitutes destination IP address component. Default category is ‘attacked_ips’. | |
/dynamic-signatures/scrubber-enable |
string | no | optional | read/write | Enables scrubbing the attack traffic feature upon dynamic signature match. Default is ‘no’ (disabled). |
/dynamic-signatures/detection |
string | disabled | optional | read/write | Specifies the detection mode for dynamic signatures feature at device level. |
/dynamic-signatures/mitigation |
string | none | optional | read/write | Specifies the mitigation mode for dynamic signatures feature at device level. |
/dynamic-signatures/scrubber-advertisement-period |
integer | 300 | optional | read/write | Specifies the advertisement period for which the attack traffic is scrubbed. Default is 300 seconds. |
/dynamic-signatures/scrubber-category |
string | optional | read/write | Specifies the IP Intelligence category used for scrubbing the attack traffic upon dynamic signature match that constitutes destination IP address component. Default category is ‘attacked_ips’. | |
/dynamic-signatures/scrubber-enable |
string | no | optional | read/write | Enables scrubbing the attack traffic feature upon dynamic signature match. Default is ‘no’ (disabled). |
Array Structures
| Name | Type | Default Value | Required | Access | Description |
|---|---|---|---|---|---|
/dos-device-vector |
array_structure | optional | read/write | List of DoS vectors | |
/dos-device-vector/allow-advertisement |
string | disabled | optional | read/write | |
/dos-device-vector/auto-blacklisting |
string | disabled | optional | read/write | Enables automatic blacklisting of offending IPs |
/dos-device-vector/auto-threshold |
string | disabled | optional | read/write | Enables the auto mode for dos detection and mitigation |
/dos-device-vector/bad-actor |
string | disabled | optional | read/write | Enables bad actor detection and mitigation |
/dos-device-vector/blacklist-category |
string | optional | read/write | Blacklist category (of IP intelligence) to which this IP should be added. | |
/dos-device-vector/blacklist-detection-seconds |
integer | 60 | optional | read/write | Duration in seconds for which the IP has been offending. |
/dos-device-vector/blacklist-duration |
integer | 14400 | optional | read/write | Duration in seconds for which this IP should be blocked. |
/dos-device-vector/ceiling |
string | 2147483647 | optional | read/write | Option to set a max value(default = default-internal-rate-threshold * 2) for default-internal-rate-threshold for the vector |
/dos-device-vector/default-internal-rate-limit |
string | 2147483647 | optional | read/write | Traffic rate limit to BIG-IP (packets per-second) |
/dos-device-vector/detection-threshold-percent |
string | 2147483647 | optional | read/write | Attack detection threshold (percent increase) |
/dos-device-vector/detection-threshold-pps |
string | 2147483647 | optional | read/write | Attack detection threshold (packets per-second) |
/dos-device-vector/enforce |
string | enabled | optional | read/write | Enable or disable the packet drop action and DOS detection for this attack type |
/dos-device-vector/floor |
string | 100 | optional | read/write | Option to set a min value(default = detection-threshold-pps/2) for Detection Threshold for the vector |
/dos-device-vector/packet-types |
string | optional | read/write | Type of packets that will be classified as Sweep/Flood attack | |
/dos-device-vector/per-source-ip-detection-pps |
string | 2147483647 | optional | read/write | Attack detection threshold (pps) per source IP |
/dos-device-vector/per-source-ip-limit-pps |
string | 2147483647 | optional | read/write | Attack mitigation threshold (pps) per source IP |
/dos-device-vector/simulate-auto-threshold |
string | disabled | optional | read/write | Option to enable/disable auto-threshold simulation by generating logs |
Copyright (c) 2016, F5 Networks Inc. All Rights Reserved.
The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.