Hi!
We have hosted an application on our server which gets accessed across the globe. Everything works fine for years but suddenly from last 2 weeks we face issue that users complaint server not responding. Upon checking our Cisco ASA we identified numerous attempts from IP's from CHINA that tries to connect to our Server. As a result our users unable to access the server, although time to time we are blocking the unknown pools using ASA but yet the Attacks keep on coming from different sources.

Current Network Setup is As following: -

ISP => Cisco ASA => SQL Server
||
DC
||
LAN

OS = Windows 2003 (Also running MS ISA 2004)

Our application get accessed from different source machines so we can't directly block all unknown source IP for this particular application using Cisco ASA.

Any suggestion how can we block/minimize these DOS attacks?