Recommended DDoS mitigation appliance?

• Previous message (by thread): Recommended DDoS mitigation appliance?
• Next message (by thread): Recommended DDoS mitigation appliance?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2019-11-18 04:23, Richard wrote:
> I would say you are making some assumptions that are not fact based.
> The OP is very knowledgeable and would not mince words or waste
> bandwidth. Let us see what he has to say in regards to your remarks.
> He will be able to make this more clear once he has read what people
> have stated in other responses.
> 
> Respectfully, of course, Richard Golodner
> On 11/17/19 8:12 PM, Töma Gavrichenkov wrote:
> 
>> Peace,
>> 
>> On Mon, Nov 18, 2019, 1:49 AM Rabbi Rob Thomas <robt at cymru.com>
>> wrote:
>> 
>>>> I am going to assume you want it to spit out 10G clean, what
>>> size
>>>> dirty traffic are you expecting it to handle?
>>> 
>>> Great question!  Let's say between 6Gbps and 8Gbps dirty.
>> 
>> As someone making a living as a DDoS mitigation engineer for the
>> last 10 years (minus 1 month) I should say your threat model is sort
>> of unusual.  Potential miscreants today should be assumed to have
>> much more to show you even on a daily basis.
>> 
>> Is it like you also have something filtering upstream for you, e.g.
>> flowspec-enabled peers?
>> 
>> --
>> Töma
>> 
>>> 

AFAIK new threats (SYN+ACK amplification) can't be mitigated over 
flowspec and they can reach 40+Gbps easily.

• Previous message (by thread): Recommended DDoS mitigation appliance?
• Next message (by thread): Recommended DDoS mitigation appliance?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]