[158541] in North American Network Operators' Group
RE: DDOS hardware appliances for network security - Arbor Pravail APS
daemon@ATHENA.MIT.EDU (Joseph Chin)
Sun Dec 2 14:25:14 2012
X-Report-Abuse-To: abuse@dyndns.com (see
http://www.dyndns.com/services/sendlabs/outbound_abuse.html for abuse
reporting information)
From: "Joseph Chin" <l-nanog@iodi.se>
To: "'Dennis Usle'" <dennis@justipit.com>,
"'James Braunegg'" <james.braunegg@micron21.com>
In-Reply-To: <fbh646lhl1o23ewshlcoregp.1354453935735@email.android.com>
Date: Sun, 2 Dec 2012 19:25:32 -0000
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
If all you need is initial mitigation against fairly basic flood type =
attack vectors, then the Radware and a host of other similar appliances, =
should do the job. I know Radware is in the stack of a few very =
successful DDoS mitigation services. But if you intend to offer a =
premium DDoS mitigation service, then you should invest in the likes of =
Arbor. The Arbor Fingerprint Sharing Alliance is a big time value-add =
and their support organization (including ArborSERT) is top-notch. In =
addition to good marketing, there are sound technical reasons why Arbor =
is found in the mitigation stacks of most top-tier service providers.
Whatever on-premise mitigation solution you implement, I also strongly =
recommend forming a commercial alliance with a dedicated mitigation =
service provider (e.g. Prolexic, Verisign, DOSarrest) so that you have a =
contingency plan for when the attacks get too big/sophisticated to =
effectively mitigate without affecting your infrastructure and your =
ability to meet SLAs to other customers. When sh*t hits the fan, it is =
good to be able to get the targeted /24 off your transit/peering links. =
Lastly, successful mitigation requires that you have excellent =
relationship along with well-rehearsed playbook (e.g. for ACL and =
null-routing) in place with all your transit/peering links.
-----Original Message-----
From: Dennis Usle [mailto:dennis@justipit.com]=20
Sent: Sunday, December 02, 2012 1:12 PM
To: James Braunegg
Cc: nanog@nanog.org
Subject: Re: DDOS hardware appliances for network security - Arbor =
Pravail APS vs nsFocus ADS 6020 - Reviews - Feedback
Checkout Radware Defense Pro. It offers some very innovative =
approaches to network and application attack mitigation. I particularly =
like the NBA and real time signatures.=20
James Braunegg <james.braunegg@micron21.com> wrote:
>Dear Nanog
>
>
>
>I would like to start a discussion on network security DDOS hardware =
appliances, mainly compairing the Arbor Pravail APS device vs the =
nsFocus ADS6020 device as I am looking at investing in such a product =
and would love to hear some industry feedback, reviews, information and =
from vendors etc.
>
>
>
>To provide some background information we are looking at a device for =
inline filtering to clean / filter out unwanted traffc inbound towards =
our network automaticaly.
>
>
>
>That being said I'm also happy to hear from other suppliers of =
appliances (not sure who else there is) or recomendations.
>
>
>
>For those who don't know much about either device the Arbor Pravail =
fact sheet can be found here
>
>
>
>http://www.arbornetworks.com/component/docman/doc_download/498-pravail-a=
ps-data-sheet-english?Itemid=3D442
>
>
>
>Like wise the fact sheet for the nsFocus ADS product can be found here
>
>
>
>http://www.nsfocus.com/en/uploadfile/Product/ADS/Datasheet/NSFOCUS%20ADS=
%20Data%20Sheet.pdf
>
>
>
>Until recently I was only aware of the Arbor device, although after =
doing some research I quicky came up with another options, I'm sure many =
other people have asked / looked into the same questions before so let =
the debate begin...
>
>
>
>Kindest Regards
>
>James Braunegg
>W: 1300 769 972 | M: 0488 997 207 | D: (03) 9751 7616
>E: james.braunegg@micron21.com<mailto:james.braunegg@micron21.com> | =
ABN: 12 109 977 666
>
>[Description: Description: Description: Description: M21.jpg]
>
>This message is intended for the addressee named above. It may contain =
privileged or confidential information. If you are not the intended =
recipient of this message you must not use, copy, distribute or disclose =
it to anyone other than the addressee. If you have received this message =
in error please return the message to the sender by replying to it and =
then delete the message from your computer.
>
>
>
