Bug ID 751288: DNS or Network protocol DoS attacks reported as mitigating when configured as monitoring

Last Modified: May 08, 2019

Bug Tracker

Affected Product:  See more info
BIG-IQ AppIQ(all modules)

Known Affected Versions:
6.0.0, 6.0.1

Opened: Nov 28, 2018
Severity: 3-Major

Symptoms

The DoS visibility screens (Monitoring >> DASHBOARDS >> DDOS >> Protection Summary), and DDoS attack events, might display DNS and Network protocol DoS attacks with the incorrect protection mode.

Impact

Network or DNS DoS attacks, detected by a DoS profile with detect-only or learn-only protection, display a protection mode for the attack as Mitigating instead of the configured Monitoring status. This does not affect the reported traffic data found in the DoS visibility dimensions and charts.

Conditions

An attacked object assigned to a DoS profile with either DNS or Network security protocols that are configured to have detect-only or learn-only states for DoS attacks.

Workaround

None

Fix Information

None

Behavior Change