D/DoS mitigation hardware/software needed.

Darren Bolding darren at bolding.org
Tue Jan 5 04:15:43 CST 2010


My basis for this is discussions with PCI assessors from multiple firms that
perform large numbers of assessments per year.

Next time I run into some, I'll ask to see if the usage has increased, its
been a few months since I asked this of any of them.

--D

On Tue, Jan 5, 2010 at 1:02 AM, Dobbins, Roland <rdobbins at arbor.net> wrote:

>
> On Jan 5, 2010, at 3:58 PM, Darren Bolding wrote:
>
> > I believe their is strong evidence that the use of web application
> firewalls to meet this DSS requirement is smaller than you might think.  I
> would not be surprised if it was significantly less than 50%- perhaps 20%.
>
> This directly contradicts my experience working for vendor of such
> products, FWIW.
>
> But I hope this is indeed the case, as it will lead to higher availability
> for organizations which go this route!
>
> -----------------------------------------------------------------------
> Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
>
>    Injustice is relatively easy to bear; what stings is justice.
>
>                        -- H.L. Mencken
>
>
>
>
>


-- 
--  Darren Bolding                  --
--  darren at bolding.org           --



More information about the NANOG mailing list