On May 12, 2014 6:53 PM, "Justin M. Streiner" <strei...@cluebyfour.org> wrote: > > On Mon, 12 May 2014, Bob Evans wrote: > >> Ahh, Yep, same thing port and/or protocol for an address range. I haven't >> seen that accomplished via BGP. I know ATT will do it - they want about 2K >> more per month for that ability. All your traffic is redirected (extra >> hops ) through a firewall. So, it's a basic expensive firewall service. >> >> We have done both port based and protocol. But it gets installed by hand >> only on the connected port the customer. > > > From what I've seen, most of the major carriers don't filter traffic outside of truly exceptional circumstances, or it's treated as a revenue source. If it's offered at all, it's often priced unattractively, because carriers often don't want to be in the firewall/port-filtering business. > > jms
All my providers provide me incident response that includes rtbh as well as ACL and in some cases protocol rate limiting. ACL may take a while working the phone, but rtbh is immediate. I substanilly decreased business with at&t since they do not offer rtbh. Rtbh is really the floor on security features, and at&t is below the floor. CB