RE: DDOS hardware appliances for network security - Arbor Pravail APS vs nsFocus ADS 6020 - Reviews - Feedback

["Joseph Chin" <l-nanog () iodi se>]

If all you need is initial mitigation against fairly basic flood type attack vectors, then the Radware and a host of 
other similar appliances, should do the job. I know Radware is in the stack of a few very successful DDoS mitigation 
services. But if you intend to offer a premium DDoS mitigation service, then you should invest in the likes of Arbor. 
The Arbor Fingerprint Sharing Alliance is a big time value-add and their support organization (including ArborSERT) is 
top-notch. In addition to good marketing, there are sound technical reasons why Arbor is found in the mitigation stacks 
of most top-tier service providers.

Whatever on-premise mitigation solution you implement, I also strongly recommend forming a commercial alliance with a 
dedicated mitigation service provider (e.g. Prolexic, Verisign, DOSarrest) so that you have a contingency plan for when 
the attacks get too big/sophisticated to effectively mitigate without affecting your infrastructure and your ability to 
meet SLAs to other customers. When sh*t hits the fan, it is good to be able to get the targeted /24 off your 
transit/peering links. Lastly, successful mitigation requires that you have excellent relationship along with 
well-rehearsed playbook (e.g. for ACL and null-routing) in place with all your transit/peering links.

-----Original Message-----
From: Dennis Usle [mailto:dennis () justipit com] 
Sent: Sunday, December 02, 2012 1:12 PM
To: James Braunegg
Cc: nanog () nanog org
Subject: Re: DDOS hardware appliances for network security - Arbor Pravail APS vs nsFocus ADS 6020 - Reviews - Feedback

Checkout Radware Defense Pro.   It offers some very innovative approaches to network and application attack mitigation. 
 I particularly like the NBA and real time signatures. 



James Braunegg <james.braunegg () micron21 com> wrote:

> Dear Nanog
>
>
>
> I would like to start a discussion on network security DDOS hardware appliances, mainly compairing the Arbor Pravail 
> APS device vs the nsFocus ADS6020 device as I am looking at investing in such a product and would love to hear some 
> industry feedback, reviews, information and from vendors etc.
>
>
>
> To provide some background information we are looking at a device for inline filtering to clean / filter out unwanted 
> traffc inbound towards our network automaticaly.
>
>
>
> That being said I'm also happy to hear from other suppliers of appliances (not sure who else there is) or 
> recomendations.
>
>
>
> For those who don't know much about either device the Arbor Pravail fact sheet can be found here
>
>
>
> http://www.arbornetworks.com/component/docman/doc_download/498-pravail-aps-data-sheet-english?Itemid=442
>
>
>
> Like wise the fact sheet for the nsFocus ADS product can be found here
>
>
>
> http://www.nsfocus.com/en/uploadfile/Product/ADS/Datasheet/NSFOCUS%20ADS%20Data%20Sheet.pdf
>
>
>
> Until recently I was only aware of the Arbor device, although after doing some research I quicky came up with another 
> options, I'm sure many other people have asked / looked into the same questions before so let the debate begin...
>
>
>
> Kindest Regards
>
> James Braunegg
> W:  1300 769 972  |  M:  0488 997 207 |  D:  (03) 9751 7616
> E:   james.braunegg () micron21 com<mailto:james.braunegg () micron21 com>  |  ABN:  12 109 977 666
>
> [Description: Description: Description: Description: M21.jpg]
>
> This message is intended for the addressee named above. It may contain privileged or confidential information. If you 
> are not the intended recipient of this message you must not use, copy, distribute or disclose it to anyone other than 
> the addressee. If you have received this message in error please return the message to the sender by replying to it 
> and then delete the message from your computer.