Bug ID 588405: BADOS - BIG-IP Self-protection during (D)DOS attack

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2

Fixed In:
13.0.0, 12.1.2

Opened: Apr 19, 2016
Severity: 3-Major

Symptoms

Problem: 100% accurate detection may not help to prevent an attack It's necessary to protect BIG-IP CPU utilization during attack - for BAD actors (in addition to shunlist) and for unknown IPs. This mechanism should allow bad actors detection and keep CPU utilization in reasonable limits.

Impact

Service impact due to BIG-IP CPU high utilization

Conditions

High BIG-IP CPU utilization during (D)DOS attack

Workaround

No workaround

Fix Information

Added additional CPU protection during a (D)DOS attack

Behavior Change