the below is true but means you typically bin the good traffic to your customer also...
Sent from my iPad On 29 Apr 2013, at 16:00, "Zoë O'Connell" <[email protected]<mailto:[email protected]>> wrote: On 29/04/2013 12:53, Simon Green wrote: We’re looking at DDoS mitigation options at the moment, and one vendor we’ve spoken to has recommended NSFOCUS and their ADS line. Has anybody had any experience with these or similar, and also any ideas on competitor costs? I've not used that particular brand, but I have not yet come across a DDoS attack that could not be mitigated by a combination of remote-triggered blackhole routing, upstreams willing to filter and decent firewall/UTM devices. The only time a company I've worked for has had to disconnect a customer due to an attack was a shared hosting customer where it was decided as director level that it simply wasn't worth spending any time whatsoever on it. What the DDoS protection boxes generally buy you is a marginally faster response in some cases and the ability to get some sort of limited response when senior staff are not immediately available. They are also useful as one element of an overall DDoS mitigation strategy if you expect to come under serious, repeated attack due to the nature of the site you host. (E.g. finance or gambling related)
