[120844] in North American Network Operators' Group
Re: D/DoS mitigation hardware/software needed.
daemon@ATHENA.MIT.EDU (Darren Bolding)
Tue Jan 5 05:16:15 2010
In-Reply-To: <FF5CF0EA-7E68-4413-BFD3-A4F0FCA7AE1C@arbor.net>
Date: Tue, 5 Jan 2010 02:15:43 -0800
From: Darren Bolding <darren@bolding.org>
To: "Dobbins, Roland" <rdobbins@arbor.net>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
My basis for this is discussions with PCI assessors from multiple firms that
perform large numbers of assessments per year.
Next time I run into some, I'll ask to see if the usage has increased, its
been a few months since I asked this of any of them.
--D
On Tue, Jan 5, 2010 at 1:02 AM, Dobbins, Roland <rdobbins@arbor.net> wrote:
>
> On Jan 5, 2010, at 3:58 PM, Darren Bolding wrote:
>
> > I believe their is strong evidence that the use of web application
> firewalls to meet this DSS requirement is smaller than you might think. I
> would not be surprised if it was significantly less than 50%- perhaps 20%.
>
> This directly contradicts my experience working for vendor of such
> products, FWIW.
>
> But I hope this is indeed the case, as it will lead to higher availability
> for organizations which go this route!
>
> -----------------------------------------------------------------------
> Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
>
> Injustice is relatively easy to bear; what stings is justice.
>
> -- H.L. Mencken
>
>
>
>
>
--
-- Darren Bolding --
-- darren@bolding.org --
