DPI or Flow Management

Roland Dobbins rdobbins at cisco.com
Sun Mar 1 19:17:47 CST 2009


On Mar 2, 2009, at 9:10 AM, Roland Dobbins wrote:

> With regards to DDoS mitigation, it's sometimes necessary to go  
> above layers-3/-4 in the event of layer-7-targeted attacks.

In fact, it's sometimes important to have the ability to parse packet  
payloads and/or interact with traffic in some layer-3/layer-4 attacks,  
depending upon the type of traffic, source distribution, legitimate  
proxy intermediaries, spoofed vs. non-spoofed, and so forth.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at cisco.com> // +852.9133.2844 mobile

   Some things are just too precious to entrust to computers.

		   -- Seth Hanford





More information about the NANOG mailing list