From: Joel Snyder (Joel.SnyderOpus1.COM)
Date: Wed Jul 29 2009 - 14:10:51 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Hi List,
>
> i need to protect a "realtime" website with an inline IPS from (D)DOS attacks.

You should not be looking at Cisco, McAfee, or Tippingpoint (or, as some
have suggested, Sourcefire or Fortinet). None of them specializes in
DoS attacks, and all will give you fairly poor results if that's your
main concern. This is not to say that these aren't great products when
used as designed; it's just to point out that none of them are designed
to be very good at DoS protections. I'm sure that the sales droids are
happy to tell you that they're good DoS boxes but, as you found out,
they aren't.

You want to look at products that focus on DoS (and other rate-based
attacks), probably starting with TopLayer and Arbor (someone else
already suggested that), but also Mazu (now part of Riverbed). There
are also some smaller companies that have had success in this space.
For example, one of our customers bought a DoS mitigation box from
Riorey (http://www.riorey.com/) and they think it's the bees knees.

jms

--
Joel M Snyder, 1404 East Lind Road, Tucson, AZ, 85719
Senior Partner, Opus One Phone: +1 520 324 0494
jmsOpus1.COM http://www.opus1.com/jms

-----------------------------------------------------------------
Securing Your Online Data Transfer with SSL.
A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate on your web server, you can securely collect sensitive information online, and increase business by giving your customers confidence that their transactions are safe.
http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a17f194

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]