I have several UDM Pros throughout my company locations. I’m using Site Magic for my VPN, etc. At my HQ, I have been getting DDoS attacks using pretty much every form of attack. DNS, ICMP, DNS Amplification, IP Fragmentation, NTP Amplification, Total Traffic, UDP Fragment, you name it, it's getting used. When this attack starts, my UDM gets so laggy that I can barely log into it locally. I was wondering if anyone out there has a default set of rules, etc., that I can use to help with the lagging part.
We purchased a mitigation service that works fairly well, but if the attacks start before the mitigation starts, I’ll have to wait a while before I can get into the UDM.
Hi,
Which mitigation service?
Also, you might want to really front-end the UDM Pro with a much more robust piece of hardware built for the purpose, i.e. Firewalla, and let that take care of the attacks and then pass through to the UDM Pro.
That seems to make sense, but I think you have to remember to do pass through to the UDM and also adjust other rules. @williehowe can probably help you more. Good luck.