On Wed, 01 Apr 2015 19:51:54 +0300 Mohamed Kamal <mkamal@noor.net> wrote:
The setup will be inline. So it would be great if anyone have done this before and can help provide the appropriate tools, advices, or the testing documents for efficient PoC.
Hi Mohamed, We recently introduced a community RTBH service called UTRS that might be a useful tool in your toolbox. Automated route relay went into effect not long ago and it seems to be working well. It isn't equivalent to any of the vendors you listed, but complimentary (and completely free :-) so I hope you don't mind me mentioning it. You can find more about it here: <https://www.cymru.com/jtk/misc/utrs.html> As for other tools... NfSen may be an open source option you want to consider. It can be extended with plugins you or others provide: <http://nfsen.sourceforge.net/> Team Cymru has leveraged that with a set of plug-ins based on our insight for your network. If you want to talk to us about it, see: <https://www.team-cymru.org/Flow-Sonar.html> You might also check out: <https://github.com/FastVPSEestiOu/fastnetmon> <https://bitbucket.org/tortoiselabs/ddosmon> <http://sourceforge.net/projects/panoptis/> Cisco has, or had the Cisco Guard family of products, formerly based on the Riverhead acquisition, but that platform was end-of-sale some time ago and is effectively dead. They (and some other hardware vendors) have since begun to license Arbor into their gear. John