I'm trying to protect a web site being attacked by SYN Flood. I suspect the new Tsunami SYN Flood attack. The site is on a Windows 2012 R2 VM running IIS 8.5. The site is an older .NET 2 site using SQL 2008 R2 (another separate VM). The Hyper-V hosts and VMs are behind a Sonicwall TZ210. The firewall is showing active SYN Flood attacks like:
Performance monitor shows thousands of current connections on this one web site which is not real connections:
I'm working with Sonicwall to find a solution. I'm also exploring other firewall options.
My question is is there any features/options in IIS 8.5 to help protect against flooded requests on a web site?
Thanks in advance.