Skip to Content.
Sympa Menu

netsec-sig - [Security-WG] What tools do people use to trigger Zenedge/Oracle Dyn's scrubbing service?

Subject: Internet2 Network Security SIG

List archive

[Security-WG] What tools do people use to trigger Zenedge/Oracle Dyn's scrubbing service?


Chronological Thread 
  • From: "Magorian, Daniel F." <>
  • To: "" <>
  • Subject: [Security-WG] What tools do people use to trigger Zenedge/Oracle Dyn's scrubbing service?
  • Date: Tue, 20 Nov 2018 18:41:10 +0000
  • Accept-language: en-US
  • Ironport-phdr: 9a23:JkEdKxZd5J7pJlg/Q2kE7FH/LSx+4OfEezUN459isYplN5qZr8u/bnLW6fgltlLVR4KTs6sC17KG9fi4EUU7or+5+EgYd5JNUxJXwe43pCcHRPC/NEvgMfTxZDY7FskRHHVs/nW8LFQHUJ2mPw6arXK99yMdFQviPgRpOOv1BpTSj8Oq3Oyu5pHfeQpFiCa+bL9oMBm6sRjau9ULj4dlNqs/0AbCrGFSe+RRy2NoJFaTkAj568yt4pNt8Dletuw4+cJYXqr0Y6o3TbpDDDQ7KG81/9HktQPCTQSU+HQRVHgdnwdSDAjE6BH6WYrxsjf/u+Fg1iSWIdH6QLYpUjmk8qxlSgLniD0fOjA57m/Zl9BwgqxYrhKguxNwzJXZYI6JOPZiZq7RYc8WSGhHU81MVyJBGIS8b44XAuYPOuhXtYb9p1wUrRu/HwasAvvjwSJGiHDs26060vouEQXb1wIgBd4CvmnfodL7OqgIV+C51q7Gwi/Mb/NRwzf96ZLHchY6rPGOXbJwbNDeyVErFw/fkFqftJHlMiqT2+8QsGab9/JtWf+xh2MksQ19vDeiy8g2hoXXho8Z10rI+Th4zYs2PdG0VVB3bN2+HJdOuCyXOJF6Tt4mTmxroio217wLtJ2jcCgE1psqxALTZvmCfoeU4h/uVemcLDJ6iX55Zr2yhBO//Ey7xeLhSMa51VZHoTBbntTNsH0Gygbd5dKdSvRn+0eswTaP2B7X6uFDOU07j7LbK5o/zb4/mJsfrVnPEjX0mEX2ka+ZbF0k+uyy5+v5f7rmu4eQN45yig7gLqQjgtGzDfo7PwQUQWSW9uux2Kf98UD5XblGlOA6n6javZzCIMQUvK+5Awtb0oY57Ba/Ci+r3toCknkBNl5LfwiIj4fuO1HUIfD3F/G/jk+ukDdr2vDJJKXhApHXInfdjbjhYK5x61RAxwor0dBf+5VUB6kaIP3tRkDxqcbYDh4lMw202urmBtp925gaWWKOGa+ZLLjSvUGS6uIuJemMeJEauCz7K/c7+/7ik2U1lkEAcqm0jtMrbyXyBfltPl+YfWupndgpEGEWsxA4QfCwzlCOTHQbM22/VL8m5y0qTZ2pJYbFWo23hrGdhmG2EoAANU5cDVXZW1LheIKeWv4KLGq+K8lgnzhMe/7rA9sN3BfokQb1zKBmJ+z8+C0FvIrnktV5+ruAxlkJ6TVoApHFgCm2RGZukzZQSg==

Hello Security WG folks!

We are having issues with ZenEdge/Oracle Dyn's RapidBGP triggering of their
scrubbing, and while they're figuring that out, I thought I would ask people
what tools they use to trigger scrubbing of subsets of your prefixes.

Yes, I know several folks have Arbox Peakflow boxes for on-prem scrubbing,
and use these to signal Zenedge's as well.

So does anyone have a netflow-based tool that seems to work well?

Thanks, Dan

-----Original Message-----
From: Magorian, Daniel F.
Sent: Wednesday, October 3, 2018 10:34 AM
To:

Subject: RE: [Security-WG] What are folks' experience using Zenedge's
scrubbing service....

We have the RapidBGP alerting service, and the main issue is false positives
from stuff like big user downloads and high volume of inbound traffic to our
Forcepoint/Websense http proxies. They're supposed to trigger on multiple
criteria not just volume, but when we complain to their tech support, they
respond a few days later saying they'll adjust something or other, all very
non-transparent. They have also promised more useful stuff in the portal;
right now it doesn't even know about the alerts they've sent you email about,
basically broken. Still a work in progress...

Dan

-----Original Message-----
From:


<>
On Behalf Of Steven Wallace
Sent: Wednesday, October 3, 2018 10:25 AM
To:

Subject: [Security-WG] What are folks' experience using Zenedge's scrubbing
service....

Greeting all,

Grateful if folks could share their experience using Zenedge’s scrubbing
service. Specifically, how does engaging, and removing, the scrubbing service
affect access to the hosts being scrubbed.

Is there a hit? Do users notice?

Thanks,

Steve

Attachment: smime.p7s
Description: S/MIME cryptographic signature




Archive powered by MHonArc 2.6.19.

Top of Page