Cisco Cisco Packet Data Interworking Function (PDIF) Documentation Roadmaps
Personal Stateful Firewall Overview
Supported Features ▀
Cisco ASR 5000 Series Product Overview ▄
OL-22937-01
Supported Features
The Personal Stateful Firewall supports the following features:
Protection against Denial-of-Service Attacks
Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks can deprive network resources/services
unavailable to its intended users.
unavailable to its intended users.
DoS attacks can result in:
A host consuming excessive resources—memory, disk space, CPU time, etc.—eventually leading to a system
crash or providing very sluggish response.
Flooding of the network to the extent that no valid traffic is able to reach the intended destination.
Confusing target TCP/IP stack on destination hosts by sending crafted, malformed packets eventually resulting
in system crash.
DoS attacks can destroy data in affected mobile nodes. Stateful Firewall is designed to defend subscribers and prevent
the abuse of network bandwidth from DoS attacks originating from both the Internet and the internal network.
the abuse of network bandwidth from DoS attacks originating from both the Internet and the internal network.
Types of Denial-of-Service Attacks
Personal Stateful Firewall can detect the following DoS attacks.
The DoS attacks are listed based on the protocol layer that they work on.
IP-based Attacks: