D/DoS mitigation hardware/software needed.

Rob Shakir rjs at eng.gxn.net
Tue Jan 5 14:44:45 UTC 2010


(Resent, sorry for multiple copies -- I messed up from From: address)
On 5 Jan 2010, at 06:16, Stefan Fouant wrote:
>> 
>> That said, what are all those ISPs doing now that Cisco has stopped
>> developing the Guard?
> 
> Well of course, moving to Arbor haha... eased in part by a little Cisco
> initiative called Clean Pipes 2.0 :)

Is this really true? I've seen the white paper,  I've been told that the this is the best way forward from the Guard, but I must say that I'm not yet totally convinced. The Guard product was something that can be separated from the Cisco Detection approach, i.e. one can activate the Guard via a means that did not necessarily involve the Detectors being the source of the activation, this doesn't seem to be true for the Arbor alternative (I believe that the TMS requires registering against the rest of the PeakFlow platform).

The other thing that we noted relating to the platform is that there's nothing really "new" in the TMS (other than of course, much increased scrubbing rates!) compared to the Guard. There doesn't appear to be any direct comparison to the 'strong' scrubbing mode that the Cisco Guard implemented - whereby the device would proxy a bunch of traffic.

If you're an SP who has some existing NetFlow solution, and don't really justify a spend for traffic intelligence within your network (or have something home-grown), is there an alternative scrubber that one might be able to use in a more standalone deployment that can approach the filtering levels of the Arbor kit?

I should probably point out that we only really started our conversation with Arbor within the last month or so, so there are perhaps details relating to this that I've missed. I'd be happy to be corrected!

Kind regards,
Rob

-- 
Rob Shakir                      <rjs at eng.gxn.net>
Network Development Engineer    GX Networks/Vialtus Solutions
ddi: +44208 587 6077            mob: +44797 155 4098
pgp: 0xc07e6deb                 nic-hdl: RJS-RIPE

This email is subject to: http://www.vialtus.com/disclaimer.html






More information about the NANOG mailing list