[c-nsp] Cisco Infra DDOS Protection
ar
ar_djp at yahoo.com
Fri Sep 21 12:49:58 EDT 2012
Thanks.
What could be a good replacement for 7600s to overcome this limitation?
ASR9K?Nexus7K?
By the way, I have tried netflow on 7600 and tcam shoots up.
I am still researching as to why 7600 sucks on this.
thanks
________________________________
From: "Dobbins, Roland" <rdobbins at arbor.net>
To: cisco-nsp NSP <cisco-nsp at puck.nether.net>
Sent: Friday, September 21, 2012 3:57 PM
Subject: Re: [c-nsp] Cisco Infra DDOS Protection
On Sep 21, 2012, at 1:44 PM, ar wrote:
> What's the accuracy and response time of netflow in ddos detection?
Answering this question separately, it works quite well, as long as the exporting devices provide quality flow telemetry (Cisco pre-Sup2T/-DFC4 6500s & 7600s have severe NetFlow limitations, as do pre-Sup7 4500s).
If you're just getting started with flow telemetry, I'd urge you to try out some of the various open-source collection/analysis tools such as nfdump/nfsen, nProbe, and so forth. You'll gain valuable operational experience by doing so, and will gain a good grasp of the capabilities and usefulness of flow telemetry.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Luck is the residue of opportunity and design.
-- John Milton
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list