This gives some comparison of cloud based Ddos mitigation providers. https://www.ombud.com/product/compare/prolexic-ddos-protection On Jan 10, 2015 10:50 PM, "Damian Menscher" <dam...@google.com> wrote:
> On Thu, Jan 8, 2015 at 9:01 AM, Manuel MarĂn <m...@transtelco.net> wrote: > > > I was wondering what are are using for DDOS protection in your networks. > We > > are currently evaluating different options (Arbor, Radware, NSFocus, > > RioRey) and I would like to know if someone is using the cloud based > > solutions/scrubbing centers like Imperva, Prolexic, etc and what are the > > advantages/disadvantages of using a cloud base vs an on-premise solution. > > It would be great if you can share your experience on this matter. > > > > On-premise solutions are limited by your own bandwidth. Attacks have been > publicly reported at 400Gbps, and are rumored to be even larger. If you > don't have that much network to spare, then packet loss will occur upstream > of your mitigation. Having a good relationship with your network > provider(s) can help here, of course. > > If you go with a cloud-based solution, be wary of their SLA. I've seen > some claim 100% uptime (not believable) but of course no refund/credits for > downtime. Another provider only provides 20Gbps protection, then will > null-route the victim. > > On Sat, Jan 10, 2015 at 4:19 PM, Charles N Wyble <char...@thefnf.org> > wrote: > > > Also how are folks testing ddos protection? What lab gear,tools,methods > > are you using to determine effectiveness of the mitigation. > > > Live-fire is the cheapest approach (just requires some creative trolling) > but if you want to control the "off" button, cloud VMs can be tailored to > your needs. There are also legitimate companies that do network stress > testing. > > Keep in mind that you need to test against a variety of attacks, against > all components in the critical path. Attackers aren't particularly > methodical, but will still randomly discover any weaknesses you've > overlooked. > > Damian >
