On Jan 8, 2010, at 3:21 PM, Arie Vayner wrote:
Further on, if you want to really protect against a real DDoS you would most likely would have to look at a really distributed solution, where the different geographical load balancing solutions come into play.
GSLB or whatever we want to call it is extremely useful from a general availability standpoint; however, the attackers can always scale up and really distribute their already-DDoS even further (they learned about routeservers and DNS tinkering years ago). Architecture, visibility, and control are key, as are vendor/customer/peer/upstream/opsec community relationships. ----------------------------------------------------------------------- Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com> Injustice is relatively easy to bear; what stings is justice. -- H.L. Mencken