DDoS mitigation recommendations
With Guard appliance and 65xx module being EoL'd, and Cisco's desire to exist the DDoS mitigation market, I'd like to get some recommendations of what other products people are having good success with. We are looking for something that can support 3Gbps - 10Gbps, multi-tenancy, seamless integration, and many of the basic features you'd see on the Guard. Thank you, -- -------------------------------------------------------------------------------- Tom Sands Chief Network Engineer Rackspace Hosting -------------------------------------------------------------------------------- Confidentiality Notice: This e-mail message (including any attached or embedded documents) is intended for the exclusive and confidential use of the individual or entity to which this message is addressed, and unless otherwise expressly indicated, is confidential and privileged information of Rackspace. Any dissemination, distribution or copying of the enclosed material is prohibited. If you receive this transmission in error, please notify us immediately by e-mail at abuse@rackspace.com, and delete the original message. Your cooperation is appreciated.
One more for Arbor. -----Original Message----- From: David Freedman [mailto:david.freedman@uk.clara.net] Sent: Tuesday, January 26, 2010 8:17 AM To: nanog@nanog.org Subject: Re: DDoS mitigation recommendations
Arbor stuff comes to mind and works very well in our experiences....
Arbor++ This E-mail and any of its attachments may contain Time Warner Cable proprietary information, which is privileged, confidential, or subject to copyright belonging to Time Warner Cable. This E-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this E-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this E-mail is strictly prohibited and may be unlawful. If you have received this E-mail in error, please notify the sender immediately and permanently delete the original and any copy of this E-mail and any printout.
-----Original Message----- From: David Freedman [mailto:david.freedman@uk.clara.net] Sent: Tuesday, January 26, 2010 8:17 AM To: nanog@nanog.org Subject: Re: DDoS mitigation recommendations
Arbor stuff comes to mind and works very well in our experiences....
Arbor++
We've already done an initial trial with the Arbor device, and it does work well. Our biggest sticking point with it is that it lacks the granular level of visibility and control that we've been used to and often needed to tweak profiles. Basically, it does what it's supposed to well, but you really can't tell what that is, and if it's not catching all of a DDoS you have little insight as to what's being missed or control to correct it. Thank you, Tom Sands Chief Network Engineer Rackspace Confidentiality Notice: This e-mail message (including any attached or embedded documents) is intended for the exclusive and confidential use of the individual or entity to which this message is addressed, and unless otherwise expressly indicated, is confidential and privileged information of Rackspace. Any dissemination, distribution or copying of the enclosed material is prohibited. If you receive this transmission in error, please notify us immediately by e-mail at abuse@rackspace.com, and delete the original message. Your cooperation is appreciated.
----- Original Message ----- From: "Tom Sands" <tsands@rackspace.com> Cc: <nanog@nanog.org> Sent: Thursday, January 28, 2010 6:01 AM Subject: Re: DDoS mitigation recommendations
-----Original Message----- From: David Freedman [mailto:david.freedman@uk.clara.net] Sent: Tuesday, January 26, 2010 8:17 AM To: nanog@nanog.org Subject: Re: DDoS mitigation recommendations
Arbor stuff comes to mind and works very well in our experiences....
Arbor++
We've already done an initial trial with the Arbor device, and it does work well. Our biggest sticking point with it is that it lacks the granular level of visibility and control that we've been used to and often needed to tweak profiles. Basically, it does what it's supposed to well, but you really can't tell what that is, and if it's not catching all of a DDoS you have little insight as to what's being missed or control to correct it.
Thank you,
Tom Sands Chief Network Engineer Rackspace
Out of curiousity, what's your baseline or "that we've been used"? tv
Sorry but RTFM http://mailman.nanog.org/pipermail/nanog/2010-January/thread.html#16675 Best regards
participants (5)
-
David Freedman -
jul -
Korten, Sean -
Tom Sands -
Tony Varriale