  #11  
Old 10-05-2004, 09:32 PM
miketike
Guest
 

How do you guys come up with a solution for DoS attacks? Do you have a hardware or software solution?
  #12  
Old 10-05-2004, 09:52 PM
Davin
Guest
 

Mike,

There are a few things to understand about DoS attacks before getting into the solution - the most important is that no matter what you have in line there will always be an attack that you can't handle.

The answer to the question is based on what you want to do with the DoS attack. If you're willing to just filter the attack (provided it's something that doesn't saturate your pipes) then there are a few multipurpose devices out there that will do just this sort of thing. There's a product from Fortinet (www.fortinet.com), some big iron from Foundry Networks (www.foundrynetworks.com), and Riverhead (www.riverhead.com).

If you want to actually try to stop the attack or get right in the middle of it and defend your network you can build something from the products that I've listed above.

When deciding you should consider how big your pipes are, how many sessions you're prepared to deal with, and at what point you're going to consider submitting a null route to your upstreams.

There are software-only solutions out there but the problem with them is that for a serious network the applications aren't going to be able to do DDoS detection on full-stream data.
  #13  
Old 10-06-2004, 03:35 AM
KarlZimmer
Guest
 

For DDoSes we take a number of measures. Much of it is filtered by the Juniper routers. We can also just null-route the affected IPs being attacked right up to our upstream providers, but that rarely needs to happen. We also have plenty of capacity, currently 2 GigEs, with another 2 coming shortly.
  #14  
Old 10-06-2004, 03:45 AM
arnold
Guest
 

You must have engineered your network well, which is good. Nowadays routers mostly try to detect DoS attack patterns and block at layer 2. Am I correct? If I am not, can you correct me?
  #15  
Old 10-07-2004, 07:39 PM
Davin
Guest
 

The big Junipers can do some really neat things, but the detection is starting to move into the layer-7 realm, making it increasingly difficult to pluck those types of attacks out. The standard SYN flood is handled pretty well by most border-grade routers.

By the point the data is coming down the pipe at the DC it's already into layer 3. Internal (to the datacenter) blocking/filtering may be done at the layer-2 level but layer-2 gets mostly rewritten at every physical hop along the way.