Administrators are advised to apply the appropriate updates.
Administrators are advised to allow only trusted users to have network access.
Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.
For more information about queue wedges and a few detection mechanisms that may be used to identify a blocked interface on Cisco IOS Software (including a white paper describing how this condition can be detected using SNMP) see Cisco IOS Queue Wedges Explained
Prevent disruption of communication between devices by reducing the impact of attacks which may directly impact the CPU performance of the individual devices. For control plane hardening best practices, consult the Cisco Guide to Harden Cisco IOS Devices
Apply hardware rate limiter features to limit packets requiring processing by the device's CPU to mitigate DoS attacks. See the vendor's documentation for specific configuration instructions. For hardware rate limiting configuration details, see Cisco Catalyst 6500 Denial of Service (DoS) Protection Configuration Guide
Understanding activity on the network provides information and visibility that can be used to identify potential security incidents. Organizations should log events from devices and review the logged data to provide insight into anomalies or malicious activity. For logging best practices, see Cisco Guide to Harden Cisco IOS Devices
Administrators may consider analyzing network traffic to identify bursty traffic, see Wireshark Use to Identify Bursty Traffic on Catalyst Switches
Administrators are advised to monitor network traffic for security-related network activity. Cisco NetFlow can identify such activity. For more information about Cisco NetFlow, see Introduction to Cisco IOS NetFlow - A Technical Overview
Administrators are advised to monitor affected systems.