FastNetMon is awesome, but its a detection tool with no mitigation capacity whatsoever.
On Wed, Dec 4, 2019 at 7:16 PM Rabbi Rob Thomas <r...@cymru.com> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Hello, NANOG! > > My thanks again to all who responded with suggestions, tips, and > further considerations. I appreciate it very much! > > As promised, here is my pithy summary of your detailed suggestions. > I've included URLs for those who may wish to conduct further research. > We've not made our selection yet, and likely won't until early 2020. > At present I'm busy building out our new backbone, and thus can't yet > offer up my own recommendation. Who needs sleep? :D > > Several folks shared their architecture and deployment > recommendations, which were quite insightful. Placement of these > devices, and in particular a centralized monitoring solution for > distributed deployments, were keys to success. > > There were no support concerns for any of these suggestions. > > Folks have used open source and freeware, but generally recommended > commercial offerings. These required less manual intervention. > > It was aces to see so many folks employing techniques such as flowspec > and RTBH. > > DDoS appliance recommendations: > > . Anycast and fat pipes > - Multiple votes > > . Massive peering > - Multiple votes > - Be ready for peering requests from me :) > > . Arbor Netscout > - Multiple votes > - Consistently labeled as "expensive" > - https://www.netscout.com/arbor-ddos > > . RioRey > - Multiple votes > - http://www.riorey.com/ > > . Juniper routers MX240 or MX480 > - > https://www.juniper.net/us/en/products-services/routing/mx-series/mx240/ > - > https://www.juniper.net/us/en/products-services/routing/mx-series/mx480/ > > . NFOCUS ADS > - ADS 8000 is the scrubbing box > - ADS-m is the monitoring box > - NTS is the box which uses Netflow to find unwanted traffic > - https://nsfocusglobal.com/anti-ddos-system-ads/ > > . Wanguard+Wanfilter > - https://www.andrisoft.com/software/wanguard > - https://www.andrisoft.com/software/wanguard/ddos-mitigation-protecti > on > > . A10 Thunder ADC > - https://a10networks.optrics.com/products/application-delivery.aspx > > . FastNetMon > - Free or inexpensive > - https://fastnetmon.com/ > > Thank you! > Rob, the routing rabbi. > - -- > Rabbi Rob Thomas Team Cymru > "It is easy to believe in freedom of speech for those with whom we > agree." - Leo McKern > -----BEGIN PGP SIGNATURE----- > > iQIzBAEBCAAdFiEEDcVjavXj08cL/QwdQ+hhYvqF8o0FAl3n97AACgkQQ+hhYvqF > 8o1zdA//aSCm5pVs2O6g88cqTMkOP9RMHndPv0HMSSbaGTKvLEgfO+Vb3uC//GrU > GqOVPdq2DqMk0iYnplRFqXIGD1wPT6q6m141FCm0srh6Wza4Q4+9uRoOMoNFDGu4 > +PWjKTlThUyu2GzpTEDehMU1ruN0cXtKSNa3Pz9CXTNLcDDf5d1L+Jdfci6I7kKp > 6flJG6IIuxDXKMhByywmYW2pEGfMqqgKK6maqyICwtvA4rL/rB54cwvNjE8fnhuY > qboqkYXQDFO0+8+lVeWQXVCh5NGD8HfD+pZ7h4sLEp6/6WMivQ7WBZdno7wMW73U > vexICCPq5zSfcir7ME4BIBfSRpDZZODBAe6T2EQ9X/ehy+iJEnnQV7NZ96nHLOZc > dCTY29XC4Un1kAWN0HfNP7be8SuXmFt4VcuuOVzlUuwoBIDzUX9+eDgoZN2uRYvd > ev27CL3dr1RAuWLRzauOz6nJGiKqZ2Hh1JhEaqAxC4V+zJfeGMuNiqazJ1SjDVkG > lAufVLdjsIy7AoCjkJI7diVQ6QuBR70w0p9l8rFaJ5rc/Ef9OzLR8Po4QlJHstLD > IaD9IKCoqnlucxFQmHA45Zp+h+EZvo32lg4Cy3rDv4NweoFhzgxpq6ER1IvS3k4T > zhiAsZxKPwitwxNdRUg0Qb1wFq3gwa9nDUv3Z0cy6+CE/zSg0KU= > =hYKB > -----END PGP SIGNATURE----- > -- Alexander Lyamin, VP & Founder Qrator <http://qrator.net/>* Labs CZ * office: +420 602 558 144 <++420+602+558+144> mob: +420 774 303 807 <++420+774+303+807> skype: melanor9 mailto: l...@qrator.net
