To configure flood mitigation

  1. In the console tree of ISA Server Management, click General.
  2. In the details pane, click Configure Flood Mitigation Settings.
  3. On the Flood Mitigation tab, configure the following options:
  4. On the IP Exceptions tab, click Add to add network elements to which you want to apply a custom limit.

Optimizing logging in case of attack

Each time a flood mitigation limit is exceeded, ISA Server generates an alert, indicating the IP address of the offending client. After you identify the list of offending IP addresses, to prevent unnecessary logging, perform the following procedure. This helps improve ISA Server performance during a flood.

To improve ISA Server performance during a flood

  1. Disable logging either on the specific rule that matches the flood or altogether until the flood attack is stopped.
  2. Reconfigure the Connections Limit alerts (or any other types of alerts that may be triggered repeatedly as a result of the specific attack) to Manually Reset.



Related Topics

web link Get latest ISA Server content at ISA Server Guidance(
Send feedback about this page Send feedback about this page.