Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP AFM
Known Affected Versions:
12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Fixed In:
12.0.0
Opened: Mar 06, 2015 Severity: 3-Major
Lower throughput at very high levels of SYN flood. A more obvious symptom is an "Attack Detected" log message.
CPS degrades 5-13%, depending on platform.
This degradation occurs only under high rate of new TCP connection creation, typically when CPU usage is greater than 60%.
Change device DoS detection threshold from default to infinite.
Change in default DoS attack detection threshold can degrade L4 performance