Re: Recommended DDoS mitigation appliance?

[Alexander Lyamin <la () qrator net>]

Correct statement.  You forgot one zero.

On Mon, Nov 18, 2019 at 10:48 AM Denys Fedoryshchenko <
nuclearcat () nuclearcat com> wrote:

> On 2019-11-18 04:23, Richard wrote:
> > I would say you are making some assumptions that are not fact based.
> > The OP is very knowledgeable and would not mince words or waste
> > bandwidth. Let us see what he has to say in regards to your remarks.
> > He will be able to make this more clear once he has read what people
> > have stated in other responses.
> >
> > Respectfully, of course, Richard Golodner
> > On 11/17/19 8:12 PM, Töma Gavrichenkov wrote:
> >
> > > Peace,
> > >
> > > On Mon, Nov 18, 2019, 1:49 AM Rabbi Rob Thomas <robt () cymru com>
> > > wrote:
> > >
> > > > > I am going to assume you want it to spit out 10G clean, what
> > > > size
> > > > > dirty traffic are you expecting it to handle?
> > > >
> > > > Great question!  Let's say between 6Gbps and 8Gbps dirty.
> > >
> > > As someone making a living as a DDoS mitigation engineer for the
> > > last 10 years (minus 1 month) I should say your threat model is sort
> > > of unusual.  Potential miscreants today should be assumed to have
> > > much more to show you even on a daily basis.
> > >
> > > Is it like you also have something filtering upstream for you, e.g.
> > > flowspec-enabled peers?
> > >
> > > --
> > > Töma
> > >
> > > >
>
> AFAIK new threats (SYN+ACK amplification) can't be mitigated over
> flowspec and they can reach 40+Gbps easily.


-- 

Alexander Lyamin, VP & Founder

 Qrator <http://qrator.net/>* Labs CZ *

office: +420 602 558 144 <++420+602+558+144>

mob: +420 774 303 807 <++420+774+303+807>
skype: melanor9

mailto:  la () qrator net