> Hi List,
>
> i need to protect a "realtime" website with an inline IPS from (D)DOS attacks.

You should not be looking at Cisco, McAfee, or Tippingpoint (or, as some
have suggested, Sourcefire or Fortinet). None of them specializes in
DoS attacks, and all will give you fairly poor results if that's your
main concern. This is not to say that these aren't great products when
used as designed; it's just to point out that none of them are designed
to be very good at DoS protections. I'm sure that the sales droids are
happy to tell you that they're good DoS boxes but, as you found out,
they aren't.

You want to look at products that focus on DoS (and other rate-based
attacks), probably starting with TopLayer and Arbor (someone else
already suggested that), but also Mazu (now part of Riverbed). There
are also some smaller companies that have had success in this space.
For example, one of our customers bought a DoS mitigation box from
Riorey (http://www.riorey.com/) and they think it's the bees knees.

jms

--
Joel M Snyder, 1404 East Lind Road, Tucson, AZ, 85719
Senior Partner, Opus One Phone: +1 520 324 0494
jms (at) Opus1 (dot) COM [email concealed] http://www.opus1.com/jms

-----------------------------------------------------------------
Securing Your Online Data Transfer with SSL.
A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate on your web server, you can securely collect sensitive information online, and increase business by giving your customers confidence that their transactions are safe.
http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a
17f194

[ reply ]