Re: Provider-based DDoS Protection Services

[John Neiberger <jneiberger () gmail com>]

Ferg,

That's an understandable attitude given the nature of your networks.
In our case, I'm just talking about two or three T1s that provide
Internet connectivity to our website for our customers.

I appreciate your input, though. I will accept all advice and input if
it gets me closer to a better understanding of the realities of topic
at hand and if it helps weed out some of the marketing fluff that's
being heaped upon me by salespeople. :)

Thanks!
John

On 7/28/05, Fergie (Paul Ferguson) <fergdawg () netzero net> wrote:
> John,
>
> Contrary to popular belief, I (not alone, of course) run,
> manage, defend, and continually architect very large
> networks. Very large.  On none of them do we outsource
> the protection of them -- because, in cases where we
> have extended trust in the past, we have been screwed
> (PC translation: disappointed).
>
> So we protect ourselves.
>
> It's been a business decision for my customers' networks
> (ie. their network) not to outsource security, or rely on
> an upstreampipedream, for protection of any sort.
>
> Thus, I personally can't provide any insight here. Sorry.
>
> - ferg
>
> -- John Neiberger <jneiberger () gmail com> wrote:
>
> In this case it's a business decision. I understand that we could
> simply weigh the costs of an attack with the costs of preemptively
> detecting and mitigating an attack, but in our case we won't lose hard
> dollars like an ecommerce site would. We have different reasons for
> wanting to have some protection in place before we need it. I look at
> it like it's an insurance policy, but I don't want to be ripped off.
>
> It's like I'm getting estimates on building a protective dike around
> my house. One contractor tells me that the floodwaters commonly reach
> six feet so I should pay him $12,000 to build a wall at least that
> high. Another contractor is telling me that he'll build a six-foot
> wall for $6,000. Another contractor is telling me that the floodwaters
> most likely won't go over two feet and he suggests that I pay him
> $1,000 for a three-foot-high wall.
>
> If it turns out that we really do need a six-foot-high wall then so be
> it. I'm not the one who pays the bills so it isn't really my decision.
> I just want to make sure I have a clearer picture of reality before I
> make any suggestions to my boss.
>
> Thanks again,
> John
>
> On 7/28/05, Fergie (Paul Ferguson) <fergdawg () netzero net> wrote:
>
> > I should've asked the most important question first -- is this
> > a technical decision, or a business decision? I mean, forgive me
> > for pointing out the obvious, but you made an issue of cost in your
> > original post...
> >
> > - ferg
>
> --
> "Fergie", a.k.a. Paul Ferguson
>  Engineering Architecture for the Internet
>  fergdawg () netzero net or fergdawg () sbcglobal net
>  ferg's tech blog: http://fergdawg.blogspot.com/