box against dos/ddos
kamtha at ak-labs.net
Thu Jan 31 18:52:56 UTC 2013
Arbour Peakflow is probably the way to go.
However if you don't want to spend a ton of money, you might
want to consider using a stub router +bgp coupled with a server
running the appropriate SNMP tools (perhaps cacti) to publish your desired data.
It's not the most convenient solution but it should do..
On Thu, Jan 31, 2013 at 03:37:41PM +0100, Piotr wrote:
> I looking some box (vendor, model), which i can put out of the
> main/product network, which can analyze packets netflow,sflow,syslog
> from bgp router(s) and after discover some anomaly it can do some
> action, for example:
> - Box have bgp session with bgp router and advertise attacked ip prefix
> with some community. Bgp router set next-hop for this prefix to /dev/null
> Normal traffic via bgp router is about 1G/s in and 10G/s out
> What is worth of looking and what you suggest ?
> thanks for help,
More information about the NANOG