ipv4IcmpFlood |
IPv4 flood vector. This vector detects or rate-limits IPv4 ICMP flood attacks based on the state and rate-limit configuration. It also supports per-source and per-destination IP detection for bad actor and bad destination mitigation and detection. |
ipv4FragFlood |
IPv4 flood vector. This vector detects the attack when spoofed IPv4 fragments are sent at a very high rate. Detected or dropped based on the state and rate limit configuration, it provides per-sourceIP and per-destinationIP detection and rate limiting. |
ipv6IcmpFlood |
IPv6 flood vector. This vector detects the IPv6 ICMP flood attack. Attack is detected or ratelimited based on the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
ipv6FragFlood |
IPv6 flood vector. This vector detects the attack when spoofed IPv6 fragments are received at a very high rate. Attack is detected or ratelimited based on the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
ipv6LowHopCount |
IPv6 flood vector. This vector detects the attack when IPv6 extended header hop count set to less than or equal to the configured value of ipv6LowHopCount. Attack is detected or dropped according to the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
ipv6ExtHdrTooLarge |
IPv6 flood vector. This vector detects the attack when we receive packets which have too Large IPv6 Extension Header field based on the configured limit. Attack is detected or ratelimited based on the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
ipv6WithExtHdrFrames |
IPv6 flood vector. This vector detects the attack with too many IPv6 Extension Headers surpassing the limit configured. Attack is detected or dropped according to the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
ipv6TooManyExtHdrs |
IPv6 flood vector. This vector detects the attack with too many IPv6 Extension Headers surpassing the limit configured. Attack is detected or dropped according to the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
udpFlood |
UDP flood vector. This vector prevents the UDP flood. UDP port list can be enabled for mitigation. Attack is detected or ratelimited based on the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
tcpRstFlood |
TCP flood vector. This vector detects the attack with RST flag set in the TCP packet to tamper with internet communications. It is detected or dropped based on the state and rate limit configuration and provides detection and rate limiting per-sourceIP and per-destinationIP. |
tcpSynOversize |
TCP flood vector. This vector detects the attack traffic with TCP SYN packets larger than 64 bytes. It is detected or dropped based on the state and rate limit configuration, provides detection and rate limiting per-sourceIP and per-destinationIP. |
tcpBadUrg |
TCP flood vector. This vector detects the attack traffic with URG flag set, and the urgent pointer is 0. It is detected or dropped based on the state and rate limit configuration, provides detection and rate limiting per-sourceIP and per-destinationIP. |
tcpOptOverrunsTcpHdr |
TCP flood vector. This vector detects the attack traffic with option bits that overrun the TCP header. It is detected or dropped based on the state and rate limit configuration, provides detection and rate limiting per-sourceIP and per-destinationIP. |
tcpWindowSize |
TCP flood vector. This vector detects the attack traffic with TCP window size zero. Attack is detected or ratelimited based on the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
synAckFlood |
TCP flood vector. This vector detects the flood of traffic with both TCP SYN and ACK flags set in the packet. Attack is detected or ratelimited based on the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
synFlood |
TCP flood vector. This vector detects the flood of traffic with TCP SYN flag set. SYN cookie feature can be enabled for mitigative actions. Attack is detected or ratelimited based on the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
dnsAQuery |
DNS flood vector. This vector detects the DNS packets with Qtype as A_QRY. Attack is detected or dropped based on the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
dnsAaaaQuery |
DNS flood vector. This vector detects the DNS packets with Qtype as AAAA. Attack is detected or dropped according to the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
dnsAnyQuery |
DNS flood vector. This vector detects the DNS packets with Qtype as ANY_QRY. Attack is detected or dropped based on the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
dnsPtrQuery |
DNS flood vector. This vector detects the DNS packets with Qtype as PTR. Attack is detected or dropped per the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
dnsAxfrQuery |
DNS flood vector. This vector detects the DNS packets with Qtype as AXFR. Attack is detected or dropped according to the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
dnsCnameQuery |
DNS flood vector. This vector detects the DNS packets with DNS Qtype as CNAME. Attack is detected or dropped based on the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
dnsIxfrQuery |
DNS flood vector. This vector detects the DNS packets with DNS Qtype as IXFR. Attack is detected or dropped according to the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
dnsMxQuery |
DNS flood vector. This vector detects the DNS packets with DNS Qtype as MX. Attack is detected or dropped based on the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
dnsNsQuery |
DNS flood vector. This vector detects the DNS packets with DNS Qtype as NS. Attack is detected or dropped according to the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
dnsOtherQuery |
DNS flood vector. This vector detects the DNS packets with DNS Qtype as OTHER. Attack is detected or dropped based on the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
dnsSoaQuery |
DNS flood vector. This vector detects the DNS packets with DNS Qtype as SOA_QRY. Attack is detected or dropped according to the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
dnsSrvQuery |
DNS flood vector. This vector detects the DNS packets with DNS Qtype as SRV. Attack is detected or dropped based on the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
dnsTxtQuery |
DNS flood vector. This vector detects the DNS packets with DNS Qtype as TXT. Attack is detected or dropped according to the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |
dnsNxdomainQuery |
DNS flood vector. This vector detects the DNS query for non existing domains. Attack is detected or dropped according to the state and rate limit configuration, provides both per-sourceIP and per-destinationIP detection and rate limiting. |