NoOther
Supreme [H]ardness
- Joined
- May 14, 2008
- Messages
- 6,468
Anyone here work with Arbor, Radware, or similar DDoS solutions?
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
Work closely with your ISP and get whatever sensor can tie into their mitigation. If you're attempting to mitigate a DDOS on your side of the circuit the battle is already lost.
This is good advice. Your ISP can do this far better than you can.
If they did i would be surprised if they said anything out in the open
Circuit side mitigation is not something you want to rely on. This may work for very sensitive applications that need scrubbed data to not crash (Minecraft comes to mind) without the pipe being saturated.. If your pipe is saturated, it doesn't matter what is on your end of it.
Arbor is essentially a cloud scrubber and works rather well. I've used it for a 9gbit DDoS.
You have know *exactly* what you want to block, or you are going to have downtime for real customers. Depending on your industry that is an SLA-level event which is bad news bears.
We have an Arbor Networks Peakflow SP unit that I priced and installed ~6 months ago. It receives netflow statistics from our edge peering routers and not only gives usage information but when it detects the start of a DDoS attack(usually within 15-30 seconds of the attack starting). It will trigger an alarm and notify me as well as trigger a blackhole BGP route and inject it into our routers. On our routers we have rules so that any BGP route that comes in from the Peakflow unit gets taken and sent to our upstream providers with the blackhole route community thereby stopping the traffic from hitting our network at all. That single /32 IP is offline but it's much better than taking down all of my customers and our network.