Bug ID 502414: Make the RateTracker tier3 initialization number less variant.

Last Modified: Apr 10, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP AFM(all modules)

Known Affected Versions:
11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4

Fixed In:
12.0.0, 11.6.0 HF5, 11.5.2 HF1

Opened: Jan 22, 2015
Severity: 3-Major

Symptoms

Sweep and Flood vectors may exceed configured rate limit values by 10%-30$.

Impact

Sweep and Flood attack detection at higher than configured levels.

Conditions

When Sweep and Flood vector is enabled in AFM module.

Workaround

None.

Fix Information

An optimization was made to Rate Tracker that makes attack detection more accurate.

Behavior Change