On Jun 9, 2009, at 6:12 PM, Sam Stickland wrote:
only offers non-stateful ACLs and no inspection so I'm not sure it's really that useful?
Stateful inspection in front of front-end servers is generally not only useless, but counterproductive, as it greatly increases susceptibility to DDoS. Especially with a software-based switch/ router/what-have-you.
----------------------------------------------------------------------- Roland Dobbins <rdobb...@arbor.net> // <http://www.arbornetworks.com> Unfortunately, inefficiency scales really well. -- Kevin Lawton _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/