To protect against TCP attacks while only incoming traffic is present, MITIGATOR uses widely accepted methods of checking by resetting the TCP session and using the wrong sequence number with different combinations of flags.
In addition to the standard protection mechanisms, a unique mode of operation with ISN synchronization is available, in which protection against traffic asymmetry does not require unnecessary packet exchange or disconnection with the client.
Activation of address protection is supported only for servers under attack, which eliminates the negative impact on the traffic of other services.