Recommended DDoS mitigation appliance?
Alexander Lyamin
la at qrator.net
Mon Nov 18 09:49:29 UTC 2019
Correct statement. You forgot one zero.
On Mon, Nov 18, 2019 at 10:48 AM Denys Fedoryshchenko <
nuclearcat at nuclearcat.com> wrote:
> On 2019-11-18 04:23, Richard wrote:
> > I would say you are making some assumptions that are not fact based.
> > The OP is very knowledgeable and would not mince words or waste
> > bandwidth. Let us see what he has to say in regards to your remarks.
> > He will be able to make this more clear once he has read what people
> > have stated in other responses.
> >
> > Respectfully, of course, Richard Golodner
> > On 11/17/19 8:12 PM, Töma Gavrichenkov wrote:
> >
> >> Peace,
> >>
> >> On Mon, Nov 18, 2019, 1:49 AM Rabbi Rob Thomas <robt at cymru.com>
> >> wrote:
> >>
> >>>> I am going to assume you want it to spit out 10G clean, what
> >>> size
> >>>> dirty traffic are you expecting it to handle?
> >>>
> >>> Great question! Let's say between 6Gbps and 8Gbps dirty.
> >>
> >> As someone making a living as a DDoS mitigation engineer for the
> >> last 10 years (minus 1 month) I should say your threat model is sort
> >> of unusual. Potential miscreants today should be assumed to have
> >> much more to show you even on a daily basis.
> >>
> >> Is it like you also have something filtering upstream for you, e.g.
> >> flowspec-enabled peers?
> >>
> >> --
> >> Töma
> >>
> >>>
>
> AFAIK new threats (SYN+ACK amplification) can't be mitigated over
> flowspec and they can reach 40+Gbps easily.
>
--
Alexander Lyamin, VP & Founder
Qrator <http://qrator.net/>* Labs CZ *
office: +420 602 558 144 <++420+602+558+144>
mob: +420 774 303 807 <++420+774+303+807>
skype: melanor9
mailto: la at qrator.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20191118/bcacb220/attachment.html>
More information about the NANOG
mailing list