Re: Ddos mitigation service

[Pierre Lamy <pierre () userid org>]

I'm aware that they exist but don't have any knowledge or experience 
with CloudFlare.

if you're considering using them, I would ask them for a list (under 
NDA) of what large enterprises use them, what their POPs are - global is 
good - and for any analytical product they have relating to DDoS that 
they have mitigated and investigated. Also a procedure guide on how you 
would engage them in event of a DDoS. You should really be asking a lot 
of questions before signing anything with anyone, and once you select 
one - TEST IT!!! A lot of orgs do not test their mitigation processes. 
The total time to mitigation if you're not already swung to a provider, 
should be down to 30 mins to an hour, this is reasonable for detection 
to full mitigation in large companies. Without running through an 
exercise, companies will find that mitigation takes 1-4 hours. It's also 
highly recommended that you have incident handlers who are able to make 
big decisions.

-Pierre

On 01/02/2013 10:48 AM, James Thomas wrote:
> Hi Pierre,
>
> Thank you for your interesting note.
>
> On 01/02/2013 09:57, Pierre Lamy wrote:
> > The 3 major scrubbing vendors:
> >
> > Prolexic
> > Verisign
> > Akamai
> IIRC, CloudFlare claims to the same capcity of DDOS mitigation as
> Prolexic (500gb) and also has a free option with fewer scrubbing
> features.  Do you have experience with it, or is there some other reason
> to have excluded it from your list?  I apologize for my noobish question.
>
> Cheers,
>
> James