nanog mailing list archives

Previous By Date Next
Previous By Thread Next

RE: D/DoS mitigation hardware/software needed.

From: "Stefan Fouant" <sfouant () shortestpathfirst net>
Date: Tue, 5 Jan 2010 01:16:39 -0500
-----Original Message-----
From: Hank Nussbacher [mailto:hank () efes iucc ac il]
Sent: Tuesday, January 05, 2010 1:02 AM

On Tue, 5 Jan 2010, Stefan Fouant wrote:


Almost all of the scalable DDoS mitigation architectures deployed in
carriers or other large enterprises employ the use of an offramp

method.

These devices perform a lot better when you can forward just the

subset of

the traffic through as opposed to all.  It just a simple matter of

using

static routing / RTBH techniques / etc. to automate the offramp.


That said, what are all those ISPs doing now that Cisco has stopped
developing the Guard?


Well of course, moving to Arbor haha... eased in part by a little Cisco
initiative called Clean Pipes 2.0 :)

Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
Previous By Date Next
Previous By Thread Next

Current thread: