Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP AFM
Known Affected Versions:
12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Fixed In:
12.1.0, 12.0.0 HF3
Opened: Oct 14, 2015
Severity: 3-Major
All AFM DoS Profile vector configurations are meant to be per device. The issue is that the configured thresholds are instead applied as though they were per blade; hence, in a multi-blade system, the effective virtual DoS thresholds will be much larger than configured.
DoS protection could kick in much later than actually configured by the user.
A multi-blade system with AFM and a DoS profile configured on a virtual server with the Sweep Vector enabled.
Take the thresholds that you want to configure for the vector, divide them by the number of blades in the system, and configure the resulting values instead.
Fixed the bug that treated those numbers as per-blade values.