Scenario
Barring/throttling of traffic sources causing malicious attack or large call volumes using the
to ensure that the network continues to process its design-rated capacity of calls as long/ close as possible.
- Refer to the background information in Basic Service Availability - DNS.
- Other subscribers (behaving normally) should receive normal service in the core of the network.
- The uses specialized hardware and policing software to deal with high traffic volumes and protect the core network from attacks (intentional or otherwise).
- Prioritization must apply to all policing and control points through the .
Description
Caption |
---|
0 | Figure |
---|
1 | Denial of Service (DoS) Protection |
---|
|
Image Modified |
- A rogue subscriber either intentionally or due to malfunction generates a large volume of traffic. If all sessions are admitted it can cause resource contention at various points in the network and the service is denied to other subscribers.
- The AS is generally a COTS (commercial off-the-shelfCommercial Off-The-Shelf (COTS) platform with minimal hardware assist to protect against very high packet/request rates. It gets overloaded and becomes unresponsive with rates much higher than its rated capacity.
- If the excess traffic is coming from one (or a few) sources, the limits it in order to ensure good service to the remaining subscribers.