On 8 Feb 2015, at 23:00, BPNoC Group wrote:
Mr Dobbins' slides/presentation gives an idea that a proxy (waf,
whatever) fits sitting unprotected among routers and application
servers, while its also stateful and fragile enough to deserve
previous protection.
from p.16 of the presentation in question:
'If stateful firewalls cannot be immediately removed from the
architecture, they must be protected against DDoS via S/RTBH, flowspec,
IDMS, et. al., just like servers!'
from p.19 of the presentation in question:
'Load-balancers must be protected against DDoS - stateless ACLs for
policy enforcement, S/RTBH, flowspec, IDMS, and so forth.'
from p.28 of the presentation in question:
'Reverse-proxy farms must be protected from DDoS via S/RTBH, flowspec,
IDMS, et. al.'
-----------------------------------
Roland Dobbins <rdobb...@arbor.net>
