F5 Firewall Solutions > [Archive1] AFM - The Data Center Firewall > Lab 3 - AFM DDoS Lab > Detecting and Preventing DNS DoS Attacks on a Virtual Server Source | Edit on
Configuring a DoS Profile¶
We will now create a DoS profile with manually configured thresholds to limit the attack’s effect on our server.
Navigate to Security > DoS Protection > DoS Profiles
Create a new DoS profile with the name dns-dos-profile.
- Click Finished.
The UI will return to the DoS Profiles list. Click the dns-dos-profile name.
Click the Protocol Security tab and select DNS Security from the drop-down.
Click the DNS A Query vector from the Attack Type list.
Modify the DNS A Query vector configuration to match the following values, leaving unspecified attributes with their default value:
State: Mitigate
Threshold Mode: Fully Manual
Detection Threshold EPS: (Set this at 80% of your safe QPS value)
- Mitigation Threshold EPS: (Set this to your safe QPS value)
Make sure that you click Update to save your changes.