Thank you for asking this question in the Support Community. If you are getting DoS attacks, then maybe you can use the ip policy-class <name> max-host-sessions <number> command to alter settings for an access control policy (ACP). The <number> specifies the maximum number of allowed ACP sessions that can be created from each unique source address. This command is used in conjunction with a named ACP and only applies the limit to that particular ACP.
Let me know if you have any questions on this command or the application. I will be happy to help in any way I can.
I did get the command issued without issue. The attacks are random and we will see if this helps the issue.