If all you need is initial mitigation against fairly basic flood type attack vectors, then the Radware and a host of other similar appliances, should do the job. I know Radware is in the stack of a few very successful DDoS mitigation services. But if you intend to offer a premium DDoS mitigation service, then you should invest in the likes of Arbor. The Arbor Fingerprint Sharing Alliance is a big time value-add and their support organization (including ArborSERT) is top-notch. In addition to good marketing, there are sound technical reasons why Arbor is found in the mitigation stacks of most top-tier service providers.
Whatever on-premise mitigation solution you implement, I also strongly recommend forming a commercial alliance with a dedicated mitigation service provider (e.g. Prolexic, Verisign, DOSarrest) so that you have a contingency plan for when the attacks get too big/sophisticated to effectively mitigate without affecting your infrastructure and your ability to meet SLAs to other customers. When sh*t hits the fan, it is good to be able to get the targeted /24 off your transit/peering links. Lastly, successful mitigation requires that you have excellent relationship along with well-rehearsed playbook (e.g. for ACL and null-routing) in place with all your transit/peering links. -----Original Message----- From: Dennis Usle [mailto:[email protected]] Sent: Sunday, December 02, 2012 1:12 PM To: James Braunegg Cc: [email protected] Subject: Re: DDOS hardware appliances for network security - Arbor Pravail APS vs nsFocus ADS 6020 - Reviews - Feedback Checkout Radware Defense Pro. It offers some very innovative approaches to network and application attack mitigation. I particularly like the NBA and real time signatures. James Braunegg <[email protected]> wrote: >Dear Nanog > > > >I would like to start a discussion on network security DDOS hardware >appliances, mainly compairing the Arbor Pravail APS device vs the nsFocus >ADS6020 device as I am looking at investing in such a product and would love >to hear some industry feedback, reviews, information and from vendors etc. > > > >To provide some background information we are looking at a device for inline >filtering to clean / filter out unwanted traffc inbound towards our network >automaticaly. > > > >That being said I'm also happy to hear from other suppliers of appliances (not >sure who else there is) or recomendations. > > > >For those who don't know much about either device the Arbor Pravail fact sheet >can be found here > > > >http://www.arbornetworks.com/component/docman/doc_download/498-pravail-aps-data-sheet-english?Itemid=442 > > > >Like wise the fact sheet for the nsFocus ADS product can be found here > > > >http://www.nsfocus.com/en/uploadfile/Product/ADS/Datasheet/NSFOCUS%20ADS%20Data%20Sheet.pdf > > > >Until recently I was only aware of the Arbor device, although after doing some >research I quicky came up with another options, I'm sure many other people >have asked / looked into the same questions before so let the debate begin... > > > >Kindest Regards > >James Braunegg >W: 1300 769 972 | M: 0488 997 207 | D: (03) 9751 7616 >E: [email protected]<mailto:[email protected]> | ABN: >12 109 977 666 > >[Description: Description: Description: Description: M21.jpg] > >This message is intended for the addressee named above. It may contain >privileged or confidential information. If you are not the intended recipient >of this message you must not use, copy, distribute or disclose it to anyone >other than the addressee. If you have received this message in error please >return the message to the sender by replying to it and then delete the message >from your computer. > > >
