On May 12, 2014 6:53 PM, "Justin M. Streiner" <streiner@cluebyfour.org> wrote:
On Mon, 12 May 2014, Bob Evans wrote:
Ahh, Yep, same thing port and/or protocol for an address range. I
seen that accomplished via BGP. I know ATT will do it - they want about 2K more per month for that ability. All your traffic is redirected (extra hops ) through a firewall. So, it's a basic expensive firewall service.
We have done both port based and protocol. But it gets installed by hand only on the connected port the customer.
From what I've seen, most of the major carriers don't filter traffic outside of truly exceptional circumstances, or it's treated as a revenue
haven't source. If it's offered at all, it's often priced unattractively, because carriers often don't want to be in the firewall/port-filtering business.
jms
All my providers provide me incident response that includes rtbh as well as ACL and in some cases protocol rate limiting. ACL may take a while working the phone, but rtbh is immediate. I substanilly decreased business with at&t since they do not offer rtbh. Rtbh is really the floor on security features, and at&t is below the floor. CB