Security Basics
DDoS protection Jun 16 2014 08:16AM
kartik netec gmail com (6 replies)
Re: DDoS protection Jun 16 2014 06:25PM
Dolev Farhi (dolevf gmx com)
Re: DDoS protection Jun 16 2014 02:31PM
Kelly Keeton (kellyrkeeton gmail com) (1 replies)
Re: DDoS protection Jun 16 2014 09:15PM
Raistlin Majere (raistlin majere net)
RE: DDoS protection Jun 16 2014 01:18PM
Sable, Amol (Amol_Sable bmc com)
RE: DDoS protection Jun 16 2014 12:15PM
Jácint TÓTH (Jacint Toth xapt com)
Hi,

The answer to the first question is "it depends". At bandwidths that Your ISP can easily handle, the answer is probably no, their equipment is better placed and probably of a higher grade, so it is better to handle the DDoS protection there, and just put some "of sound mind" sort of things on Your end to handle small-scale stuff that may no even trigger detection thresholds at the ISP.

Now on the other hand, if you are in a large hosted environment like a server hotel hooked up directly to an Internet Exchange, or are handling huge amounts of traffic in a datacenter, maybe even function as a traffic concentrator for a larger MAN/WAN/GAN, then it does make sense to have an own solution for the purpose of DDoS protection and maybe firewalling integrated with it. At 10G and higher traffic links and/or several 100s of thousands of RPS on NORMAL traffic, You would probably want to know exactly what You are working with, what's happening to it, and eliminate the delays with having an external entity manage the service.

Cost-wise, You have to measure cost vs. potential risk and loss of income if You don't have these, and this calculation will almost always happen to bring You into the 6-digit range in a year at least (USD), as there are significant costs associated with procuring/implementing/operating/supporting such devices. So if you are far beneath that range budget-wise or traffic-wise, don't bother, go with the managed service of the ISP.

As for the second question, at first thought there is A10 Networks who have several appliances up to N*40Gb bandwidth for both dedicated DDoS protection and integrated into an application firewall/load balancer, and Cisco's Guard XT series is also an option if You are playing in this league. Ctrix's Netscalers are balancers /ALGs that can help You with DDoS-protection for certain protocols, but these are not really dedicated security devices.

If you just want to go for "something", or build something small-scale, then You coul do some testing with say Aache mod_security on an OpenBSD or FreeBSD with pf, these are working fine on a small scale and are cheap to build and maintain, but You'll probably end up managing them Yourself and bear in mind, community support is nothing compared to what a large vendor will provide.

Cheers,
--
Jacint

-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of kartik.netec (at) gmail (dot) com [email concealed]
Sent: Monday, June 16, 2014 10:17 AM
To: security-basics (at) securityfocus (dot) com [email concealed]
Subject: DDoS protection

Hi,

My question is about the DDoS protection appliances. Is it really worth spending $$$$$ buying a DDoS appliance if we already had DDoS subscription from the ISPs?

And apart from Arbor and Fortinet, do we have any other big player in this technology?

PS: we are not evaluating cloud based DDoS protection.

Please advise.

Thanks,
KT

------------------------------------------------------------------------

Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------

------------------------------------------------------------------------

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------

[ reply ]
Re: DDoS protection Jun 16 2014 12:10PM
Kopacsi, Christian (Christian Kopacsi chemicalbankmi com) (2 replies)
Re: DDoS protection Jun 16 2014 10:17PM
PEra (MLS) (lists sevenlayers org)
Re: DDoS protection Jun 16 2014 06:21PM
Dolev Farhi (dolevf gmx com)
Re: DDoS protection Jun 16 2014 11:31AM
tdjackey (tdjackey gmail com) (1 replies)
Re: DDoS protection Jun 16 2014 06:27PM
Rob Morin (rob 24365 ca) (2 replies)
Re: DDoS protection Jun 17 2014 12:50PM
Abhishek Kumar \(abhkuma7\) (abhkuma7 cisco com)
RE: DDoS protection Jun 17 2014 10:12AM
rajumsn ingvysyabank com


 

Privacy Statement
Copyright 2010, SecurityFocus