D/DoS mitigation hardware/software needed.
jeffrey.lyon at blacklotus.net
Mon Jan 4 22:03:27 UTC 2010
Ask them if they'd come down to $10 - 20k for a full featured model
and they might make two sales, although I doubt it unfortunately.
Best regards, Jeff
On Mon, Jan 4, 2010 at 4:59 PM, Rick Ernst <nanog at shreddedmail.com> wrote:
> Several responses already, and Arbor has poked their head up.
> I'm going to start there and keep the other suggestions at-hand.
> On Mon, Jan 4, 2010 at 1:19 PM, Rick Ernst <nanog at shreddedmail.com> wrote:
>> Looking for D/DoS mitigation solutions. I've seen Arbor Networks mentioned
>> several times but they haven't been responsive to literature requests (hint,
>> if anybody from Arbor is looking...). Our current upstream is 3x GigE from
>> 3 different providers, each landing on their own BGP endpoint feeding a
>> route-reflector core.
>> I see two possible solutions:
>> - Netflow/sFlow/***Flow feeding a BGP RTBH
>> - Inline device
>> Netflow can lag a bit in detection. I'd be concerned that inline devices
>> add an additional point of failure. I'm worried about both failing-open
>> (e.g. network outage) and false-positives.
>> My current system is a home-grown NetFlow parser that spits out syslog to
>> our NOC to investigate potential attacks and manually enter them into our
>> Any suggestions other than Arbor? Any other mechanisms being used? My
>> idea is to quash the immediate problem and work additional mitigation with
>> upstreams if needed.
>> I could probably add some automation to my NetFlow/RTBH setup, but I still
>> need to worry about false-positives. I'd rather somebody else do the hard
>> work of finding the various edge-cases.
Jeffrey Lyon, Leadership Team
jeffrey.lyon at blacklotus.net | http://www.blacklotus.net
Black Lotus Communications of The IRC Company, Inc.
Follow us on Twitter at http://twitter.com/ddosprotection to find out
about news, promotions, and (gasp!) system outages which are updated
in real time.
Platinum sponsor of HostingCon 2010. Come to Austin, TX on July 19 -
21 to find out how to "protect your booty."
More information about the NANOG