06.03.2023 · 1 minutes read

WanGuard has new option that is hardly utilized that allows to have BGP FlowSpec counters on Juniper routers.

WanGuard from 8.1+ version has a feature that enables FlowSpec counters on Juniper routers.
This might be useful to count packets that are filtered on Juniper M/MX routers and add additional visibility during attacks.
Those packets can be any type set in Anomaly Detection and enabled in WanGuard detection module, so this way we can count any amount of traffic that is over DDoS threshold that was set.
To enable this feature You will need SSH connection to Juniper with login and password. You can find this under ExaBGP connector.

Below You can see simple ICMP flood with counters enabled.

WanGuard DDoS report with FlowSpec counters
WanGuard DDoS report with FlowSpec counters