<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto">Hopefully you would be sending those flows out a different circuit than the one that’s going to get swamped with a DDoS otherwise... it might just take a while to mitigate that ;-) depending on the type obviously.<br><br><div dir="ltr"><div><span style="background-color: rgba(255, 255, 255, 0);">-- </span></div><div><span style="background-color: rgba(255, 255, 255, 0);"> J. Hellenthal</span></div><div><span style="background-color: rgba(255, 255, 255, 0);"><br></span></div><span style="background-color: rgba(255, 255, 255, 0);">The fact that there's a highway to Hell but only a stairway to Heaven says a lot about anticipated traffic volume.</span></div><div dir="ltr"><br><blockquote type="cite">On Feb 3, 2020, at 11:01, Javier Juan <javier.juan@gmail.com> wrote:<br><br></blockquote></div><blockquote type="cite"><div dir="ltr"><div dir="ltr">Hi !<div><br></div><div>I was looking around (a couple years ago) for mitigation appliances (Riorey, Arbor, F5 and so on).... but the best and almost affordable solution I found was Incapsula/Imperva.</div><div><a href="https://docs.imperva.com/bundle/cloud-application-security/page/introducing/network-ddos-monitoring.htm">https://docs.imperva.com/bundle/cloud-application-security/page/introducing/network-ddos-monitoring.htm</a> </div><div><br></div><div>Basically, You send your flows to Imperva on cloud for analysis. As soon as they find DDoS attack , they activate mitigation. It´s some kind of elegant-hybrid solution without on-premise appliances . Just check it out :)<br></div><div><br></div><div>Regards,</div><div><br></div><div>JJ</div><div><br></div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sun, Nov 17, 2019 at 11:20 PM Rabbi Rob Thomas <<a href="mailto:robt@cymru.com">robt@cymru.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA256<br>
<br>
<br>
Hello, NANOG!<br>
<br>
I'm in the midst of rebuilding/upgrading our backbone and peering -<br>
sessions cheerfully accepted :) - and am curious what folks recommend<br>
in the DDoS mitigation appliance realm? Ideally it would be capable<br>
of 10Gbps and circa 14Mpps rate of mitigation. If you have a<br>
recommendation, I'd love to hear it and the reasons for it. If you<br>
have an alternative to an appliance that has worked well for you<br>
(we're a mix of Cisco and Juniper), I'm all ears.<br>
<br>
Private responses are fine, and I'm happy to summarize back to the<br>
list if there is interest.<br>
<br>
Thank you!<br>
Rob.<br>
- -- <br>
Rabbi Rob Thomas Team Cymru<br>
"It is easy to believe in freedom of speech for those with whom we<br>
agree." - Leo McKern<br>
-----BEGIN PGP SIGNATURE-----<br>
<br>
iQIzBAEBCAAdFiEEDcVjavXj08cL/QwdQ+hhYvqF8o0FAl3Rx08ACgkQQ+hhYvqF<br>
8o0snw/8CxTOujcodNh/huMXZaUNlMNoNRz3IoPqBiAP9BZomMz9xqlpDW/qvWBF<br>
xhoJ07C0O0mo5ilNjnPR308uifIBu6ylw02PshOCU06dV0afgtndxGg5AoG9npUV<br>
7uCi2afWaf22dq5TwKLut8QPNNQJTRzndX88xJw9MzzoBTemxRtM7ft4H3UhJ0hv<br>
oKo83FCNZQt36I+GZA9GBJeXM+o0f5h0w6fhRqARzttf6brJZdXgROyIQ7jptGuZ<br>
N3Yrjk/8RM4XKMnYbtIwl8NS3c0nEGN3ndn+Bz7p2FE7QJrZKonk/o03dvr2kU0Y<br>
7gUQliOOzV9EsptVGyLCVyDJSElvXTBaps0giEVZhdmEIDJPWvBc+93j1g7xbmti<br>
27lT6+5qBmEN0oKJWxXgtw9/n1yX9vsc7tXlgYDoXGhIlszdB3baRao1tYEp8BBQ<br>
hTGAULRfHe94tRzvOOQUQIuhzNcK1Q4E2jU6kzBB1wJsBD4zuHk+QIJLSHBmmnka<br>
VNKlQ+5zP8dmSMBp6k4feqAtt3hy0Bj+34FbdQZYPutIe3VXHEjpWI3jI9vKjhtC<br>
g7U/9CQIjVUl2APn1IllArpUpETBlNq7dSeJNUN/4Xh+eHglUnEn/m2kFG5mizmP<br>
d0YvLEVe0/+WzDUz+y3KxDVP5tdJT1VM46FHIgeiB4KrWNGRPUo=<br>
=uuel<br>
-----END PGP SIGNATURE-----<br>
</blockquote></div>
</div></blockquote></body></html>