[120831] in North American Network Operators' Group
RE: D/DoS mitigation hardware/software needed.
daemon@ATHENA.MIT.EDU (Hank Nussbacher)
Tue Jan 5 01:02:35 2010
Date: Tue, 5 Jan 2010 08:02:05 +0200 (IST)
From: Hank Nussbacher <hank@efes.iucc.ac.il>
To: Stefan Fouant <sfouant@shortestpathfirst.net>
In-Reply-To: <005101ca8dc8$c418dda0$4c4a98e0$@net>
Cc: 'NANOG list' <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Tue, 5 Jan 2010, Stefan Fouant wrote:
> Almost all of the scalable DDoS mitigation architectures deployed in
> carriers or other large enterprises employ the use of an offramp method.
> These devices perform a lot better when you can forward just the subset of
> the traffic through as opposed to all. It just a simple matter of using
> static routing / RTBH techniques / etc. to automate the offramp.
That said, what are all those ISPs doing now that Cisco has stopped
developing the Guard?
-Hank
