On Mon, 12 Sep 2011 22:38:57 BST, Nick Hilliard said:
Let's throw some figures around (ridiculously simplified): a company has a choice between a pair of $10k software routers or something like a pair of MX80s for $25k each. So, one solution costs $20k; the other $50k. $30k cost difference works out as $625 per month depreciation (4 year). I.e. not going to affect the bottom line in any meaningful way.
Now say that this company has a DoS attack for 24h, and the company effectively loses one day of revenue. On the basis that there are 260 office working days per year, the point at which spending an extra $30k for a hardware router would be of net benefit to the company would be 260*30k = $7.8m. I.e. if your annual revenue is higher than that, and if spending that cash would mitigate against your DoS problems, then it would be worth your while in terms of direct loss mitigation.
Of course, this analysis is quite simplistic and excludes things like damage to reputation, online stores, the likelihood of DoS attacks happening in the first place, the cost of transit and many other points of reality.
One important thing it overlooks is what percent of DDoS attacks are simple "flood the pipe" attacks directed at a target behind the router. If you got a 100M or 1G pipe to the outside world and you're getting hammered by multiple G worth of packets, things are going to suck no matter what the router is. And let's face it, kicking that pipe to 10G is gonna cost a bit....