[160119] in North American Network Operators' Group
Re: box against dos/ddos
daemon@ATHENA.MIT.EDU (dennis)
Thu Jan 31 13:36:20 2013
From: "dennis" <dennis@justipit.com>
To: "Suresh Ramasubramanian" <ops.lists@gmail.com>,
"Piotr" <piotr.1234@interia.pl>
In-Reply-To: <CAArzuothA4pXkvYADozF6L5sPVCMj6HATykyo8bVV0iUSO3Cgg@mail.gmail.com>
Date: Thu, 31 Jan 2013 13:36:05 -0500
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Agreed, my shortlist for evaluation would include Arbor, Radware and Genie
NRM. New players to the market include just about every IPS and
application load balancing solution out there.
--------------------------------------------------
From: "Suresh Ramasubramanian" <ops.lists@gmail.com>
Sent: Thursday, January 31, 2013 10:23 AM
To: "Piotr" <piotr.1234@interia.pl>
Cc: <nanog@nanog.org>
Subject: Re: box against dos/ddos
> arbor peakflow to start with?
>
> On Thursday, January 31, 2013, Piotr wrote:
>
>> Hi,
>>
>> I looking some box (vendor, model), which i can put out of the
>> main/product network, which can analyze packets netflow,sflow,syslog
>> from
>> bgp router(s) and after discover some anomaly it can do some action, for
>> example:
>>
>> - Box have bgp session with bgp router and advertise attacked ip prefix
>> with some community. Bgp router set next-hop for this prefix to /dev/null
>>
>> Normal traffic via bgp router is about 1G/s in and 10G/s out
>>
>> What is worth of looking and what you suggest ?
>>
>> thanks for help,
>> Piotr
>>
>>
>
> --
> --srs (iPad)
>
