VPN DX public VIF termination advice
When terminating the VPN on public VIF, if there is an Internet reachable public IP in the path, how can you protect it from things like DDoS?
- Le plus récent
- Le plus de votes
- La plupart des commentaires
The first line of defense would be using a firewall filter (based on the source/destination address of packets) to control traffic to and from, based on IP address ranges. This could be done on a stand alone device, on the router, or through your provider's network (e.g. in an SD-WAN configuration).
We recommend that you use a firewall filter (based on the source/destination address of packets) to control traffic to and from some prefixes. If you're using a prefix filter (route map), ensure that it accepts prefixes with an exact match or longer. Prefixes advertised from AWS Direct Connect may be aggregated and may differ from the prefixes defined in your prefix filter.
Contenus pertinents
- demandé il y a un an
- demandé il y a un an
- demandé il y a 2 mois
AWS OFFICIELA mis à jour il y a 2 ans- AWS OFFICIELA mis à jour il y a 10 mois
- AWS OFFICIELA mis à jour il y a 7 mois
- AWS OFFICIELA mis à jour il y a 2 ans
