[179176] in North American Network Operators' Group
Re: PoC for shortlisted DDoS Vendors
daemon@ATHENA.MIT.EDU (Pavel Odintsov)
Thu Apr 2 10:07:13 2015
X-Original-To: nanog@nanog.org
In-Reply-To: <20150402065225.61BB32C04A8@mail.nanog.org>
Date: Thu, 2 Apr 2015 17:03:27 +0300
From: Pavel Odintsov <pavel.odintsov@gmail.com>
To: "dennis@justipit.com" <dennis@justipit.com>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
Hello!
What about open source alternatives? Main part of commercial ddos filters
are simple high performace firewalls with detection logic (which much times
more stupid than well trained network engineer).
But attacks for ISP is not arrived so iften and detection part coukd be
executed manually (or with oss tools like netflow analyzers or my own
FastNetMon toolkit).
For wire speed filtration on 10ge (and even more if you have modern cpu; up
to 40ge) you could use netmap-ipfw with linux or freebsd with simple
patches (for enabling multy process mode).
On Thursday, April 2, 2015, dennis@justipit.com <dennis@justipit.com> wrote:
> You should include Radware on that list .
>
> ----- Reply message -----
> From: "Mohamed Kamal" <mkamal@noor.net <javascript:;>>
> To: "NANOG" <nanog@nanog.org <javascript:;>>
> Subject: PoC for shortlisted DDoS Vendors
> Date: Wed, Apr 1, 2015 9:51 AM
>
> In our effort to pick up a reasonably priced DDoS appliance with a
> competitive features, we're in a process of doing a PoC for the
> following shortlisted vendors:
>
> 1- RioRey
> 2- NSFocus
> 3- Arbor
> 4- A10
>
> The setup will be inline. So it would be great if anyone have done this
> before and can help provide the appropriate tools, advices, or the
> testing documents for efficient PoC.
>
> Thanks.
>
> --
> Mohamed Kamal
> Core Network Sr. Engineer
--
Sincerely yours, Pavel Odintsov
