On Jan 24, 2009, at 1:34 PM, Jack Bates wrote:
Now I have fun trying to explain towards upstream management why a good security team and policy is important in anyone we purchase transit from.
Apart from commercial DDoS mitigation services, how many folks have SLAs which specify DoS-related response-times, ETRs, specify levels of service degradation, et. al. as part of their transit contracts, peering agreements, hosting/co-location agreements, etc.? How many end-customers have these terms written into their contracts with their SPs? Has anyone ever de-peered or terminated a transit or hosting/co- location relationship specifically due to DoS issues? If so, was it based upon specific contractual clauses related to DoS, or was some other metric used to justify ending the arrangement (i.e., non- adherence to traffic ratios due to DoS traffic, or other effects)? Did you have to pay a termination fee to get out of the arrangement? ----------------------------------------------------------------------- Roland Dobbins <rdobbins@cisco.com> // +852.9133.2844 mobile All behavior is economic in motivation and/or consequence.