nanog mailing list archives
Re: D/DoS mitigation hardware/software needed.
From: Rob Shakir <rjs () eng gxn net>
Date: Tue, 5 Jan 2010 14:44:45 +0000
(Resent, sorry for multiple copies -- I messed up from From: address) On 5 Jan 2010, at 06:16, Stefan Fouant wrote:
That said, what are all those ISPs doing now that Cisco has stopped developing the Guard?Well of course, moving to Arbor haha... eased in part by a little Cisco initiative called Clean Pipes 2.0 :)
Is this really true? I've seen the white paper, I've been told that the this is the best way forward from the Guard, but I must say that I'm not yet totally convinced. The Guard product was something that can be separated from the Cisco Detection approach, i.e. one can activate the Guard via a means that did not necessarily involve the Detectors being the source of the activation, this doesn't seem to be true for the Arbor alternative (I believe that the TMS requires registering against the rest of the PeakFlow platform). The other thing that we noted relating to the platform is that there's nothing really "new" in the TMS (other than of course, much increased scrubbing rates!) compared to the Guard. There doesn't appear to be any direct comparison to the 'strong' scrubbing mode that the Cisco Guard implemented - whereby the device would proxy a bunch of traffic. If you're an SP who has some existing NetFlow solution, and don't really justify a spend for traffic intelligence within your network (or have something home-grown), is there an alternative scrubber that one might be able to use in a more standalone deployment that can approach the filtering levels of the Arbor kit? I should probably point out that we only really started our conversation with Arbor within the last month or so, so there are perhaps details relating to this that I've missed. I'd be happy to be corrected! Kind regards, Rob -- Rob Shakir <rjs () eng gxn net> Network Development Engineer GX Networks/Vialtus Solutions ddi: +44208 587 6077 mob: +44797 155 4098 pgp: 0xc07e6deb nic-hdl: RJS-RIPE This email is subject to: http://www.vialtus.com/disclaimer.html
Current thread:
- Re: D/DoS mitigation hardware/software needed., (continued)
- Re: D/DoS mitigation hardware/software needed. Rick Ernst (Jan 04)
- Re: D/DoS mitigation hardware/software needed. Dobbins, Roland (Jan 04)
- RE: D/DoS mitigation hardware/software needed. Stefan Fouant (Jan 04)
- Re: D/DoS mitigation hardware/software needed. Adrian Chadd (Jan 04)
- Re: D/DoS mitigation hardware/software needed. Dobbins, Roland (Jan 04)
- Re: D/DoS mitigation hardware/software needed. Florian Weimer (Jan 05)
- Re: D/DoS mitigation hardware/software needed. Rick Ernst (Jan 04)
- Re: D/DoS mitigation hardware/software needed. Dobbins, Roland (Jan 04)
- RE: D/DoS mitigation hardware/software needed. Hank Nussbacher (Jan 04)
- RE: D/DoS mitigation hardware/software needed. Stefan Fouant (Jan 04)
- Re: D/DoS mitigation hardware/software needed. Rob Shakir (Jan 05)
- Re: D/DoS mitigation hardware/software needed. Jeffrey Lyon (Jan 05)
- Re: D/DoS mitigation hardware/software needed. Dobbins, Roland (Jan 05)
- Re: D/DoS mitigation hardware/software needed. Dobbins, Roland (Jan 05)
- Message not available
- Re: D/DoS mitigation hardware/software needed. Hank Nussbacher (Jan 06)
- Re: D/DoS mitigation hardware/software needed. Graeme Fowler (Jan 06)
- Re: D/DoS mitigation hardware/software needed. Rob Shakir (Jan 06)
- Re: D/DoS mitigation hardware/software needed. Suresh Ramasubramanian (Jan 04)
- Re: D/DoS mitigation hardware/software needed. Dobbins, Roland (Jan 04)
- Re: D/DoS mitigation hardware/software needed. Suresh Ramasubramanian (Jan 04)
- RE: D/DoS mitigation hardware/software needed. Stefan Fouant (Jan 04)