Logo
Get A Demo
  1. Home
  2. Blog
  3. Prepare Your network for Black Friday, Cyber Monday and the Christmas Shopping Season

Last updated February 15th, 2023 by Michael Hamelin

It starts in a few days – crowds will go shopping, transaction rates will reach new peaks and your web servers will be loaded to maximum capacity. Just a little bit more, and they will fall over – causing downtime and disrupting business. What can you do to avoid this scenario?

  • First, start monitoring now! The firewall is ideally placed for monitoring connection rates. Make sure that logs are being generated. If you are not recording firewall performance stats, turn it on now- before you need it.
  • Next, start looking for anything that can cause an interruption of service due to resource exhaustion.  What is your firewall connection table limit? If it was 25,000 last year, should it be a little higher this year?
  • Take a look at what your peak was last year and what your peak has been so far this year. Plan for somewhere between 20% and 200% depending on your business model. You want to make sure you don’t hit your max connections at this time of year. Often we set this number low enough to stop a denial-of-service, but at this time of year we are expecting that sudden burst of connections.
  • Make sure you print out some hard copies of performance trends from last year. It is much easier if you already have them handy when you are trying to understand this year’s trend.
  • Also take a look at all of your disk drives. Logically, do you have plenty of space?  Don’t forget to physically walk to your firewalls and make sure there are no failed drives with the little red lights on.  With firewalls tucked away in data centers, and drives in RAID, we sometimes forget to look for faults on devices, like a failed drive in a RAID mirror set.

One of our users explained the following technique:

  • Monitor the connection rate through the firewall
  • Get alerted when certain thresholds are reached and decide what to do based on the trends

Monitoring Firewall Connections with SecureTrack

If you use SecureTrack, it can monitor firewall connections using the firewall OS monitoring facility.

SecureTrack actually monitors a variety of parameters such as CPU Usage, Memory, Packets (accepted, dropped etc.), Processes and Disk space. You can also define thresholds and receive e-mail alerts that include the recent trend:

When a connection threshold is reached, you can perform additional analysis to determine the cause of traffic. Run a rule and object usage report to pin-point the exact rules, networks and services that cause the high connection rate.

We’re interested in your feedback – what anti-overload techniques do you use?

Michael and Reuven

Don't miss out on more Tufin blogs

Subscribe to our weekly blog digest

In this post:

Background Image

Related Posts

Navigating Cloud Security Metrics: A Guide for CISOs
Navigating Cloud Security Metrics: A Guide for CISOs
3 Common Challenges and Solutions when Implementing Zero Trust Networking Policies
3 Common Challenges and Solutions when Implementing Zero Trust Networking Policies
Understanding the Application Layer Firewall: The Future of Online Security
Understanding the Application Layer Firewall: The Future of Online Security
Tufin Named “Customer Service Department of the Year” by the Stevie Awards
Tufin Named “Customer Service Department of the Year” by the Stevie Awards

Top Posts

How to Perform a Firewall Audit – Policy Rules Review Checklist
How to Perform a Firewall Audit – Policy Rules Review Checklist
Understanding AWS Route Table: A Practical Guide
Understanding AWS Route Table: A Practical Guide
What is a Firewall Ruleset? How can it help me?
What is a Firewall Ruleset? How can it help me?
Tech How-To: Configure Your Firewalls to Block the “WannaCry” Ransomware Attack
Tech How-To: Configure Your Firewalls to Block the “WannaCry” Ransomware Attack
Close