[c-nsp] Modern BGP peering border router and DDoS attack defense
recommendations?
Sam Crooks
sam.a.crooks at gmail.com
Fri Jun 10 19:02:55 EDT 2005
I hear you and understand..... administrative and security
policy-based topology and equipment specs on the part of the business
owner(s), as well as their regulatory compliance dictate otherwise....
besides, I need to be a BGP peer, and capable of switching providers
as needed.
On 6/10/05, Arie Vayner <arievayner at gmail.com> wrote:
> My point about the 2950's was that you should not plan on fighting
> DDoS by your own or by putting bigger routers.
> I am working with many web sites/online applications that use a
> firewall and a bunch of L2 switches in a colo space. This should be
> more than enough for anything, except DDoS.
>
> My other point was that DDoS should be delt with by the colo provider
> based on a shared protection device and their infrastructure (which
> would always be more robust than what you would be able to build,
> unless you are building a new Google...)
>
> Arie
>
More information about the cisco-nsp
mailing list