We use Arbor for this - works quite well…. Peakflow/TMS .. We don’t do anything announcement wise upstream but don’t see why you couldn’t via communities... I’ve looked at one cloud based solution to date and decided appliance is a better solution specific to our needs. Paul On 12/18/2013, 11:36 AM, "Dan White" <dwhite@olp.net> wrote:
Can anyone recommend a vendor solution for DDOS mitigation? We are looking for a solution that detects DDOS attacks from sflow information and automatically announces BGP /32 blackhole routes to our upstream providers, or a similar solution.
Thank You.
On 08/05/13 21:09 +1000, Ahad Aboss wrote:
Scott,
Use a DDOS detection and mitigation system with DPI capabilities to deal with traditional DDOS attack and anomalous behaviour such as worm propagation, botnet attacks and malicious subscriber activity such as flooding and probing. There are only a few vendors who successfully play in this space who provide a self healing/self defending system.
Cheers Ahad -----Original Message----- From: sgraun@airstreamcomm.net [mailto:sgraun@airstreamcomm.net] Sent: Friday, 2 August 2013 11:37 PM To: nanog@nanog.org Subject: ddos attacks
I’m curious to know what other service providers are doing to alleviate/prevent ddos attacks from happening in your network. Are you completely reactive and block as many addresses as possible or null0 traffic to the effected host until it stops or do you block certain ports to prevent them. What’s the best way people are dealing with them?
Scott
-- Dan White