Internet2 Network Security SIG

["Taylor, Scott J." <>]

I wasn’t able to join the meeting but I know a couple of folks from my team 
were and gave some good feedback.  We had F5 in last Friday and was very 
impressed with their offering.  It sounds similar to this one and the really 
interesting piece was how they priced it.  They did on prem detection with 
automated or manual swing to the cloud when a threshold was crossed.  They 
priced based on clean traffic coming out of the scrubbing center, number of 
/24’s you wanted protected at any given time but allow you to change the 
/24’s as needed.  They also included some proxy WAF for key services.  They 
didn’t go into great detail about their secret sauce but they did mention 
using other vendors equipment where they didn’t have the best of bread 
equipment.  They sounded interested in speaking with Internet2 about how they 
might education this group on their solution.  I also spoke with Radware last 
week who voiced they would be willing to do the same.  Both vendors took more 
than an hour of my time, closer to two hours, to explain their story.


-Scott



On 15/10/29, 15:10, 
"
 on behalf of Steven Wallace" 
<
 on behalf of 
>
 wrote:

>I was impressed, and it sounds like a combination of their on-prem, their 
>cloud for larger DDoS, and peek flow for signaling upstream providers would 
>be sweet, but costly for some.
>
>We have I2 members that have automated DDoS detection and signaling to UTRS 
>and/or RTBH via BPG for upstream filtering. For those of whom an on-prem 
>device is not a good option, it might be useful to pursue engaging Arbor 
>Cloud much the same way as UTRS, although Dan’s comment concerning detecting 
>the end of the attack would need to be solved.
>
>ssw
>