DDOS UDP flood showing on Palo Alto Firewall public-facing interface, but our ISP is reporting that the circuit only utilizing 20% of our 10gb Bandwith.
Internet Flow ISP>Public Facing Switch>Firewall>Internal
I have seen DDoS that was maxed out our circuit to full 10gb, but this one was at most 20% internally and externally - public-facing switches/FW. During that time the internet was freezing up couldn't browse. Is that possible when the circuit is not even clogged
Any idea, maybe something else? I recently added PRTG but nothing odd in terms off bandwidth statistics, maybe use Netflow?
No comments:
Post a Comment