Definitely expensive but for a lot of folks it’s much more economical if you only see major DDOS activity once in a while to pay someone else to deal with it.
I think it works best for popular websites, small ISP’s etc – larger ISP’s it won’t work well unless the model has changed. From: Af [mailto:[email protected]] On Behalf Of Josh Baird Sent: Thursday, July 9, 2015 7:17 AM To: [email protected] Subject: Re: [AFMUG] Denial of service mitigation They will typically announce your networks via BGP and then route the clean traffic back to you via private transport (often encapsulated in a GRE tunnel). This is extremely expensive. Josh On Thu, Jul 9, 2015 at 12:27 AM, TJ Trout <[email protected] <mailto:[email protected]> > wrote: How's that going to work? Route all of your traffic to them first by VPN? I think that's just for websites...? On Wed, Jul 8, 2015 at 8:57 PM, Seth Mattinen <[email protected] <mailto:[email protected]> > wrote: On 7/8/15 7:48 PM, Andreas Wiatowski wrote: Wondering if anyone has a magic answer to DDOS mitigation beyond “buy more bandwidth”? Other than having excess bandwidth to absorb it or null routing the target IP upstream, there's DDoS scrubbing services like Prolexic. ~Seth
