netsec-sig - RE: [Security-WG] DDOS Mitigation
Subject: Internet2 Network Security SIG
List archive
- From: "Beadles, Mark A." <>
- To: "" <>
- Subject: RE: [Security-WG] DDOS Mitigation
- Date: Tue, 3 May 2016 20:15:29 +0000
- Accept-language: en-US
- Authentication-results: spf=pass (sender IP is 164.107.81.222) smtp.mailfrom=oar.net; internet2.edu; dkim=none (message not signed) header.d=none;internet2.edu; dmarc=bestguesspass action=none header.from=oar.net;
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:23
Last year we did a vendor comparison for a limited portion of our network
that included head-to-head testing between Radware and Arbor. BUT we had a
short time frame so we weren't able to formally test the actual traffic
cleaning effectiveness or error rates. Neither Arbor nor Radware were
particularly keen to share their false-positive rate with us, and we did
repeatedly ask for those figures. In the end the selection was done on purely
economic terms.
Arbor was selected for that network, and our clients who are using Arbor
scrubbing are reporting that it works without having to tailor the
mitigations. Another BUT, this is based on a very small number of cloud
mitigations so there may be no significance.
Mark Beadles
Chief Information Security Officer
OARnet
-----Original Message-----
From:
[mailto:]
On Behalf Of David Farmer
Sent: Tuesday, May 03, 2016 2:28 PM
To:
Subject: [Security-WG] DDOS Mitigation
Has anyone evaluated the effectiveness of Arbor TMS VS. Radware DefensePro
for DDOS mitigation, the actual cleaning of the traffic?
I'd be especially interested in experience regarding false positives,
dropping good traffic? The effectiveness of auto-mittigation, do you have to
tailor the mitigations to individual attacks, or does the attack traffic get
cleaned without much human intervention?
Anyone tested or using either product want to comment?
Radware has an out of line diversion model working now. We are currently
testing both products and planning to implement Peakflow for flow analysis
and DDOS detection, and are deciding between TMS and DefensePro for 40G of
mitigation, the cleaning of the traffic.
Has anyone evaluated other products for flow analysis and DDOS detection or
DDOS mitigation and traffic cleaning portions.
Thanks
--
===============================================
David Farmer
Email:
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota
2218 University Ave SE Phone: 612-626-0815
Minneapolis, MN 55414-3029 Cell: 612-812-9952
===============================================
- [Security-WG] DDOS Mitigation, David Farmer, 05/03/2016
- RE: [Security-WG] DDOS Mitigation, Beadles, Mark A., 05/03/2016
- Re: [Security-WG] DDOS Mitigation, David Farmer, 05/03/2016
- RE: [Security-WG] DDOS Mitigation, Beadles, Mark A., 05/03/2016
- Re: [Security-WG] DDOS Mitigation, David Farmer, 05/03/2016
- Re: [Security-WG] DDOS Mitigation, Karl Newell, 05/06/2016
- RE: [Security-WG] DDOS Mitigation, Magorian, Daniel F., 05/09/2016
- Re: [Security-WG] DDOS Mitigation, Karl Newell, 05/09/2016
- RE: [Security-WG] DDOS Mitigation, Magorian, Daniel F., 05/09/2016
- RE: [Security-WG] DDOS Mitigation, Beadles, Mark A., 05/03/2016
Archive powered by MHonArc 2.6.16.