netsec-sig - Re: [Security-WG] possible Arbor DDoS topology thru I2
Subject: Internet2 Network Security SIG
List archive
- From: "Dale W. Carder" <>
- To: "Magorian, Daniel F." <>
- Cc: "" <>
- Subject: Re: [Security-WG] possible Arbor DDoS topology thru I2
- Date: Thu, 29 Oct 2015 16:51:36 -0500
Thus spake Magorian, Daniel F.
()
on Thu, Oct 29, 2015 at 07:17:45PM +0000:
> I2 contracts with Arbor for large number of cloud scrubbing mitgations, so
> service customers don't have to worry about 3-day/mitigation limit or using
> up their quota.
>
> I2 connects to Arbor at E/W Equinixes, then return traffic can use I2
> directly and avoids haing to use GRE tunnels thru commodity ISPs. This
> assumes I2 pipes to service customers large enough handle extra scrubbed
> traffic, probably generally true.
>
> Use 3rd -party DDoS detection software (Is this same as Geant uses written
> by Greek guys?)
I think you are referring to FoD? https://github.com/grnet/flowspy
It is a delegated web (both human and rest) interface for injecting bgp
flowspec routes in via netconf. We have a installation of it running in
a test environment and it seems pretty cool.
For FOSS detection there are various options of which fastnetmon has
been previously mentioned.
Dale
- [Security-WG] possible Arbor DDoS topology thru I2, Magorian, Daniel F., 10/29/2015
- Re: [Security-WG] possible Arbor DDoS topology thru I2, Dale W. Carder, 10/29/2015
- RE: [Security-WG] possible Arbor DDoS topology thru I2, Magorian, Daniel F., 10/29/2015
- Re: [Security-WG] possible Arbor DDoS topology thru I2, Dale W. Carder, 10/29/2015
Archive powered by MHonArc 2.6.16.