D/DoS mitigation hardware/software needed.

• Previous message (by thread): D/DoS mitigation hardware/software needed.
• Next message (by thread): D/DoS mitigation hardware/software needed.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Jan 5, 2010, at 12:05 PM, Rick Ernst wrote:

> 
> A solution preferably that integrates with NetFlow and RTBH.  An in-line solution obviously requires an appliance, or at least special/additional hardware.

The key is to not be inline all the time, but only inline *when needed*.  This removes operational complexity, provides the ability to oversubscribe, and simplifies the routine troubleshooting matrix.

> I'm looking at taking the first whack at immediate mitigation at the border/edge (upstream) via uRPF and RTBH.  

Good plan.

> Additional mitigation would be  via manual or automatic RTBH or security/abuse@ involvement with upstreams.

Automagic is generally bad, as it can be gamed.  

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

    Injustice is relatively easy to bear; what stings is justice.

                        -- H.L. Mencken

• Previous message (by thread): D/DoS mitigation hardware/software needed.
• Next message (by thread): D/DoS mitigation hardware/software needed.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]