[183016] in North American Network Operators' Group
Re: Experience on Wanguard for 'anti' DDOS solutions
daemon@ATHENA.MIT.EDU (Richard Holbo)
Mon Aug 10 13:58:50 2015
X-Original-To: nanog@nanog.org
In-Reply-To: <1117637696.1801282.1439189885305.JavaMail.yahoo@mail.yahoo.com>
Date: Mon, 10 Aug 2015 10:58:48 -0700
From: Richard Holbo <holbor@sonss.net>
To: Marcel Duregards <marcel.duregards@yahoo.fr>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
We are currently using Wanguard. Have had it in place for about 6months.
Have not setup BGP peering with my edges to blackhole inbound traffic yet
simply because I haven't had time, but the product itself seems to be
pretty full featured and has lots of options and a pretty reasonable
interface. I've got two netflow sensors running against Huawei NE40
routers with full routes. For now (I get two or three 2G+ DDOS a month)
it's been enough to see the alert and manually blackhole it .
Getting ahold of support can be a bit of a chore, but they do respond, and
the manual is good.
Have you setup the Demo yet?
/rh
On Sun, Aug 9, 2015 at 11:58 PM, Marcel Duregards <marcel.duregards@yahoo.fr
> wrote:
> Dear Nogers,
> We are currently evaluating some DDOS detection/mitigation solutions.
> Do you have any inputs/experiences on Wanguard from Andrisoft, please ?
> https://www.andrisoft.com/software/wanguard
> Currently we are just interested on the packets/flows sensors with the
> console for detection and RTBH trigger. Maybe the packet filtering (for
> scrubbing) will come later.
> Best Regards,-Marcel Duregards
>
>
>
>
