Mitigating Application-level DoS attacks with LoadMaster

Applications, whether deployed in the cloud or on-premise, are more often falling victim to external DoS (and Distributed DoS) attacks. We created this experiment to demonstrate how KEMP LoadMaster can help mitigate the impact of such an attack by deploying 2 application servers and securing one with a LoadMaster.

KEMP LoadMaster’s Application Front End (AFE) feature allows customers to set thresholds in order to protect published workloads.   The Client Limiting within the AFE permits only a fixed number of TCP connections per IP address or subnet.   Networks can be assigned different limits therefore allowing more connections from trusted sources.   In the event of a Denial of Service (DOS) attack the LoadMaster will drop any connections that exceed the permitted value.  This action will protect the published workload from any malicious access as well as prevent undesirable performance impact.

Lab Notes:

This was created in a Lab in the cloud using HP LoadRunner to create connections and to measure performance and response times of the application, using SAP as the application.

Kurt Jung

Kurt Jung

Kurt Jung is a Senior Technical Marketing Engineer at KEMP Technologies. He works hands on with many technologies around application delivery and how to position these in today’s market. Kurt also works closely with key alliance partners to further strengthen the synergy. Prior to KEMP, Kurt has spent most of his career working as a consultant helping customers deploy on-premises, cloud and hybrid cloud solutions to support their business.

More Posts

Follow Me:
LinkedIn