box against dos/ddos

Carlos Kamtha kamtha at ak-labs.net
Thu Jan 31 18:52:56 UTC 2013


Arbour Peakflow is probably the way to go. 

However if you don't want to spend a ton of money, you might
want to consider using a stub router +bgp coupled with a server 
running the appropriate SNMP tools (perhaps cacti) to publish your desired data.

It's not the most convenient solution but it should do..

Cheers.

-CK

On Thu, Jan 31, 2013 at 03:37:41PM +0100, Piotr wrote:
> Hi,
> 
> I looking some box (vendor, model), which i can put out of the 
> main/product network,  which can analyze packets  netflow,sflow,syslog 
> from bgp router(s) and after discover some anomaly it can do some 
> action, for example:
> 
> - Box have bgp session with bgp router and advertise attacked ip prefix 
> with some community. Bgp router set next-hop for this prefix to /dev/null
> 
> Normal traffic via bgp router is about 1G/s in and 10G/s out
> 
> What is worth of looking and what you suggest ?
> 
> thanks for help,
> Piotr



More information about the NANOG mailing list