nanog mailing list archives

Re: D/DoS mitigation hardware/software needed.

From: Suresh Ramasubramanian <ops.lists () gmail com>
Date: Tue, 5 Jan 2010 09:43:06 +0530

With these safeguards in place - and with flow devices being part of
the mix somewhere .. what you propose is quite reasonable.

There's still the question of whether an application that receives a
lot of new / untrusted traffic - a mail or web server - would benefit
from having a stateful firewall in front .. Roland seems to think not.

--srs

On Tue, Jan 5, 2010 at 9:35 AM, Jeffrey Lyon
<jeffrey.lyon () blacklotus net> wrote:

1. We have multiple nodes conducting DDoS scrubbing, one failing would not
be catastrophic.

2.  Indeed.

3.  Sort of, such devices are downstream for extremely valid reasons I won't
get into now.

4. Indeed, were equipped to handle substantially higher than 150kpps.

I'm sure Arbor is really neat but I disagree that any DDoS appliance is a
standalone solution. I don't expect an employee of the vendor themselves to
attest to this though.




-- 
Suresh Ramasubramanian (ops.lists () gmail com)

Current thread:

Re: D/DoS mitigation hardware/software needed., (continued)
- - - Re: D/DoS mitigation hardware/software needed. Dobbins, Roland (Jan 04)
    - Re: D/DoS mitigation hardware/software needed. Darren Bolding (Jan 04)
    - Re: D/DoS mitigation hardware/software needed. Dobbins, Roland (Jan 04)
    - Re: D/DoS mitigation hardware/software needed. Darren Bolding (Jan 05)
    - Re: D/DoS mitigation hardware/software needed. Dobbins, Roland (Jan 05)
    - Re: D/DoS mitigation hardware/software needed. Dobbins, Roland (Jan 04)
    - Re: D/DoS mitigation hardware/software needed. Darren Bolding (Jan 05)
    - Re: D/DoS mitigation hardware/software needed. Dobbins, Roland (Jan 05)
    - Re: D/DoS mitigation hardware/software needed. Darren Bolding (Jan 05)
    - Message not available
    - Re: D/DoS mitigation hardware/software needed. Jeffrey Lyon (Jan 04)
    - Re: D/DoS mitigation hardware/software needed. Suresh Ramasubramanian (Jan 04)
    - Re: D/DoS mitigation hardware/software needed. Dobbins, Roland (Jan 04)
    - Re: D/DoS mitigation hardware/software needed. Christopher Morrow (Jan 04)
    - Re: D/DoS mitigation hardware/software needed. Dobbins, Roland (Jan 04)
    - Re: D/DoS mitigation hardware/software needed. Dobbins, Roland (Jan 04)
    - Re: D/DoS mitigation hardware/software needed. Rick Ernst (Jan 04)
    - Re: D/DoS mitigation hardware/software needed. Suresh Ramasubramanian (Jan 04)
    - Re: D/DoS mitigation hardware/software needed. Dobbins, Roland (Jan 04)
    - Re: D/DoS mitigation hardware/software needed. Rick Ernst (Jan 04)
    - Re: D/DoS mitigation hardware/software needed. Dobbins, Roland (Jan 04)
    - RE: D/DoS mitigation hardware/software needed. Stefan Fouant (Jan 04)

(Thread continues...)