[120848] in North American Network Operators' Group
Re: D/DoS mitigation hardware/software needed.
daemon@ATHENA.MIT.EDU (Rob Shakir)
Tue Jan 5 09:45:30 2010
From: Rob Shakir <rjs@eng.gxn.net>
In-Reply-To: <005c01ca8dce$a59141a0$f0b3c4e0$@net>
Date: Tue, 5 Jan 2010 14:44:45 +0000
To: Stefan Fouant <sfouant@shortestpathfirst.net>
Cc: 'NANOG list' <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
(Resent, sorry for multiple copies -- I messed up from From: address)
On 5 Jan 2010, at 06:16, Stefan Fouant wrote:
>>=20
>> That said, what are all those ISPs doing now that Cisco has stopped
>> developing the Guard?
>=20
> Well of course, moving to Arbor haha... eased in part by a little =
Cisco
> initiative called Clean Pipes 2.0 :)
Is this really true? I've seen the white paper, I've been told that the =
this is the best way forward from the Guard, but I must say that I'm not =
yet totally convinced. The Guard product was something that can be =
separated from the Cisco Detection approach, i.e. one can activate the =
Guard via a means that did not necessarily involve the Detectors being =
the source of the activation, this doesn't seem to be true for the Arbor =
alternative (I believe that the TMS requires registering against the =
rest of the PeakFlow platform).
The other thing that we noted relating to the platform is that there's =
nothing really "new" in the TMS (other than of course, much increased =
scrubbing rates!) compared to the Guard. There doesn't appear to be any =
direct comparison to the 'strong' scrubbing mode that the Cisco Guard =
implemented - whereby the device would proxy a bunch of traffic.
If you're an SP who has some existing NetFlow solution, and don't really =
justify a spend for traffic intelligence within your network (or have =
something home-grown), is there an alternative scrubber that one might =
be able to use in a more standalone deployment that can approach the =
filtering levels of the Arbor kit?
I should probably point out that we only really started our conversation =
with Arbor within the last month or so, so there are perhaps details =
relating to this that I've missed. I'd be happy to be corrected!
Kind regards,
Rob
--=20
Rob Shakir <rjs@eng.gxn.net>
Network Development Engineer GX Networks/Vialtus Solutions
ddi: +44208 587 6077 mob: +44797 155 4098
pgp: 0xc07e6deb nic-hdl: RJS-RIPE
This email is subject to: http://www.vialtus.com/disclaimer.html
