Mike, The free trial is the paid version right? Just was wondering if you use the community or advanced paid version.
On Wed, Jan 29, 2020 at 4:38 PM Mike <mike-na...@tiedyenetworks.com> wrote: > I had intended to use the paid version once the 'free trial' proved to > work, but for the previously mentioned reasons it did not and I gave up. > Would still love to have this style of solution in my network and still > open to other solutions, just haven't really found anything else. > > > On 1/28/20 2:46 PM, Colton Conor wrote: > > Mike, > > What did you end up going with if not fastnetmon? Were you using > their paid or free version? > > On Thu, Dec 5, 2019 at 4:45 PM Mike <mike-na...@tiedyenetworks.com> wrote: > >> >> On 12/5/19 1:43 PM, Hugo Slabbert wrote: >> >> FastNetMon is awesome, but its a detection tool with no mitigation >> >> capacity whatsoever. >> > >> > Does is not, though, provide the ability to hook into RTBH or Flowspec >> > setups? >> > >> >> Yes it does provide RTBH hook. >> >> I evaluated fastnetmon using exactly the 'quick setup' and found it to >> have some serious problems with false alarms and statistical anomalies, >> at least when using pure netflow data (did not try sampled mode). Hosts >> that were not in fact receiving >100mbps traffic (a traffic level I >> predetermined as 'attack' for a given network segment), would >> occasionally get flagged as such (and rtbh activated), while 2 real >> attacks that came during the testing period (60 days for me) went >> completely unnoticed. Support seemed to concede that sampled mode is >> really the only accurate method, and which by this time I'd expended all >> my interest. Great concept, cool integration, just not ready for prime >> time. >> >> >> MIke- >> >>
