How does the Mirapoint or RazorGate appliance handle a denial of service (DoS) attack?
A denial of service attack is an explicit attempt by attackers to prevent legitimate users of a service from using that service. Examples include attempts to:
- Flood a network, thereby preventing legitimate network traffic
- Disrupt connections between two machines, thereby preventing access to a service
- Prevent a particular individual from accessing a service
- Disrupt service to a specific appliance or person
The Mirapoint or RazorGate appliance temporarily stops accepting new connections of the service type affected by a denial of service attack to prevent that service from overwhelming the entire appliance. Other service connection types continue to function normally during the attack. This allows the Mirapoint or RazorGate appliance to ride out the attack and resume operations as soon as the attack is over. For example, against an SMTP flood denial of service attack, the Mirapoint or RazorGate appliance temporarily stops accepting new SMTP connections during the attack. Other service connections (such as POP, IMAP, WebMail, etc.) continue to function normally. Any messages denied during the attack will be queued up on the sending server and resent at a later time.
The maximum number of service connections to the Mirapoint or RazorGate appliance is determined by the hardware platform, the amount of appliance memory, the operating system version, and the amount of appliance load.