nanog mailing list archives
Re: D/DoS mitigation hardware/software needed.
From: Rick Ernst <nanog () shreddedmail com>
Date: Mon, 11 Jan 2010 07:38:37 -0800
I thought I had mentioned outsourcing earlier, but I don't see it in the thread... The two mechanisms I've seen for outsources D/DoS are DNS manipulation, or essentially remote BGP peering with an tunnel back to the local presence. Even if we are purely hosting, DNS manipulation doesn't do anything for attacks against an IP. For remote BGP peering/tunneling, you are are adding additional complexity and moving control outside your network. As a service-provider/data-center, it seems like outsourcing would be either ineffective and/or removes the "big red button" in case of trouble. Am I missing something, overly paranoid, or are there other mechanisms for outsourced protection? Rick On Mon, Jan 11, 2010 at 6:33 AM, Stefan Fouant < sfouant () shortestpathfirst net> wrote:
-----Original Message----- From: Christopher Morrow [mailto:morrowc.lists () gmail com] Sent: Monday, January 11, 2010 2:05 AM On Mon, Jan 11, 2010 at 12:26 AM, jul <jul_bsd () yahoo fr> wrote:Martin Hannigan wrote on 05/01/10 16:50: Outsourced services have higher cost than Arbor but can handled more.Do they? VerizonBusiness's solution was $3250US/month so ~$90USk over 2yrs. Arbor, I think, for a TMS + collectors was +100k.Don't forget to factor in OpEx. This can often tilt the scales in favor of one vs. the other. Stefan Fouant, CISSP, JNCIE-M/T www.shortestpathfirst.net GPG Key ID: 0xB5E3803D
Current thread:
- Re: D/DoS mitigation hardware/software needed., (continued)
- Re: D/DoS mitigation hardware/software needed. Dobbins, Roland (Jan 04)
- RE: D/DoS mitigation hardware/software needed. Raj Singh (Jan 04)
- Re: D/DoS mitigation hardware/software needed. Rick Ernst (Jan 04)
- Re: D/DoS mitigation hardware/software needed. Jeffrey Lyon (Jan 04)
- Re: D/DoS mitigation hardware/software needed. kowsik (Jan 04)
- Re: D/DoS mitigation hardware/software needed. Martin Hannigan (Jan 05)
- Re: D/DoS mitigation hardware/software needed. Rick Ernst (Jan 05)
- Re: D/DoS mitigation hardware/software needed. jul (Jan 10)
- Re: D/DoS mitigation hardware/software needed. Christopher Morrow (Jan 10)
- RE: D/DoS mitigation hardware/software needed. Stefan Fouant (Jan 11)
- Re: D/DoS mitigation hardware/software needed. Rick Ernst (Jan 11)
- RE: D/DoS mitigation hardware/software needed. Stefan Fouant (Jan 11)
- Re: D/DoS mitigation hardware/software needed. Rick Ernst (Jan 11)
- Re: D/DoS mitigation hardware/software needed. Christopher Morrow (Jan 11)
- RE: D/DoS mitigation hardware/software needed. Stefan Fouant (Jan 11)
- Re: D/DoS mitigation hardware/software needed. Christopher Morrow (Jan 11)
- Re: D/DoS mitigation hardware/software needed. Hank Nussbacher (Jan 11)
- RE: D/DoS mitigation hardware/software needed. Stefan Fouant (Jan 11)
- Re: D/DoS mitigation hardware/software needed. jul (Jan 11)
- RE: D/DoS mitigation hardware/software needed. Stefan Fouant (Jan 11)