OPNsense Forum
English Forums => General Discussion => Topic started by: penley on October 07, 2016, 03:57:47 pm
-
Does OPNsense by default have dos and ddos prevention or is this something that needs to be configured?
We're not experiencing any issues at the moment, I'm just asking for clarification.
Kind regards,
penley
-
As far as I know no appliance can do that for you because the problem of a DDoS usually is the limited bandwidth of your WAN connection.
OPNsense can use the synproxy state to protect against SYN floods, which can be enabled in the rules (advanced option).
-
Hi penley,
If the firewall machine is powerful enough to protect your internal assets the synproxy is good enough. So if you did not have one before that might work. If the traffic is too high, you need other kinds of mitigation, but it also depends on the type of attack.
Cheers,
Franco