--
From: "Richard Hesse"
To: "NANOG Mailing List"
Sent: Friday, August 28, 2015 1:23:01 PM
Subject: Re: Experience on Wanguard for 'anti' DDOS solutions
We've tried their products off an on for the past 3-4 years. Here are
my impressions:
* UI stuck in
the API.
>
> Regards
>
> Fabien
>
> > Le 12 août 2015 à 16:28, Ramy Hashish a écrit
> :
> >
> >>
> >>
> >> Date: Tue, 11 Aug 2015 08:14:54 +0200
> >> From: "marcel.durega...@yahoo.fr"
> >> To: nanog@nanog.org
>
We've tried their products off an on for the past 3-4 years. Here are
my impressions:
* UI stuck in 1999. Can't click zoom, drill down, etc.
* Inflexible UI. Want a bandwidth graph with only egress or ingress? Too bad.
* Inexpensive. I don't like that it's licensed yearly, but it's not
too much mo
On Thu, Aug 13, 2015 at 4:20 AM, alvin nanog <
nano...@mail.ddos-mitigator.net> wrote:
>
> hi ramy
>
> On 08/12/15 at 05:28pm, Ramy Hashish wrote:
> >
> > Anybody here compared Wanguard's performance with the DDoS vendors in the
> > market (Arbor, Radware, NSFocus, A10, RioRey, Staminus, F5 ..
og.org
Subject: Re: Experience on Wanguard for 'anti' DDOS solutions
Message-ID: <55c992de.3020...@yahoo.fr>
Content-Type: text/plain; charset=windows-1252; format=flowed
anybody from this impressive list ?:
https://www.andrisoft.com/company/customers
-- Marcel
Anybody here compared Wa
your financial guys might think. Could
help you if you want to convince them to buy Arbor :-).
- Marcel
On 12.08.2015 16:28, Ramy Hashish wrote:
Date: Tue, 11 Aug 2015 08:14:54 +0200
From: "marcel.durega...@yahoo.fr"
To: nanog@nanog.org
Subject: Re: Experience on Wanguard for '
the API.
>
> Regards
>
> Fabien
>
> > Le 12 août 2015 à 16:28, Ramy Hashish a écrit
> :
> >
> >>
> >>
> >> Date: Tue, 11 Aug 2015 08:14:54 +0200
> >> From: "marcel.durega...@yahoo.fr"
> >> To: nanog@nanog.org
>
hi ramy
On 08/12/15 at 05:28pm, Ramy Hashish wrote:
>
> Anybody here compared Wanguard's performance with the DDoS vendors in the
> market (Arbor, Radware, NSFocus, A10, RioRey, Staminus, F5 ..)?
wouldn't the above "comparison" be kinda funky comparing software solutions
with hardware appli
l.durega...@yahoo.fr"
>> To: nanog@nanog.org
>> Subject: Re: Experience on Wanguard for 'anti' DDOS solutions
>> Message-ID: <55c992de.3020...@yahoo.fr>
>> Content-Type: text/plain; charset=windows-1252; format=flowed
>>
>> anybody from
>
>
> Date: Tue, 11 Aug 2015 08:14:54 +0200
> From: "marcel.durega...@yahoo.fr"
> To: nanog@nanog.org
> Subject: Re: Experience on Wanguard for 'anti' DDOS solutions
> Message-ID: <55c992de.3020...@yahoo.fr>
> Content-Type: text/plain; charset
Aaron,
Do you remember which release or when it was ?
Are you talking about detection or filtering which failed for many
sources targeting a single destination ?
Which sensor did you test, packet sensor or flow sensor ?
Thank,
Regards,
- Marcel
On 11.08.2015 17:42, Aaron wrote:
We tested it
I have not experienced any problems with multiple source attacks at the
same time. This is also including with multiple destinations too.
I guess it really depends on what you expect the product to do, and how
you write integration too.
Regards,
Matt.
On 12/08/2015 01:42, Aaron wrote:
We te
We tested it a while back and found that it was fine for single source
attacks but fell over with multiple sources. Has that changed?
On 8/11/2015 9:42 AM, Nick Rose wrote:
We have processed just under a million anomalies with this software, we use the
Chelsio cards for filtering. We had so
We have processed just under a million anomalies with this software, we use the
Chelsio cards for filtering. We had some troubles with packet loss on the
filter side until we started using those which were a new feature in the latest
release.
If you have any questions I would be happy to answer
anybody from this impressive list ?:
https://www.andrisoft.com/company/customers
-- Marcel
On 11.08.2015 03:28, Paul Ferguson wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 8/10/2015 6:07 PM, valdis.kletni...@vt.edu wrote:
On Tue, 11 Aug 2015 09:36:07 +1000, Nick Pratley said:
Some base numbers as it stands now:
Total Anomalies: ~8000
Total Prefixes in BGP: ~400
We don't mitigate _everthing_ - if our transit can handle the inbound then
it doesn't do anything - just alert and take a pcap dump for further
tuning. If we see congestion, it moves prefixes around to a scrubb
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 8/10/2015 6:07 PM, valdis.kletni...@vt.edu wrote:
> On Tue, 11 Aug 2015 09:36:07 +1000, Nick Pratley said:
>
>> Once setup correctly. very good product - it's been running for 8
>> months now and hasn't had any issues. It's been very reliable.
>
On Tue, 11 Aug 2015 09:36:07 +1000, Nick Pratley said:
> Once setup correctly. very good product - it's been running for 8 months
> now and hasn't had any issues. It's been very reliable.
I'll bite - (roughly) how many times has it triggered and mitigated an actual
DDoS during those 8 months? We
We (AS55803) have also been using WANGuard for well over a year, and as
with the other comments.. it has been very reliable and integrates quite
well with literally anything you want.
Regards,
Matt.
On 11/08/2015 09:36, Nick Pratley wrote:
+1 from me for WanGuard.
I have this running taking
+1 from me for WanGuard.
I have this running taking 2x 10G span ports of our network. We are able to
mitigate an attack within 7 seconds (local filtering where transit can
handle) and if it gets to the point that transit can not handle the attack
it moves the /24 related to the attack to a DDoS mi
+1
On 11/08/2015 12:10 AM, Job Snijders wrote:
On Mon, Aug 10, 2015 at 04:38:40PM +0300, Pavel Odintsov wrote:
We have some open source software for this task
https://github.com/FastVPSEestiOu/fastnetmon :) Feel free to ask me
any questions off list.
I can attest that fastnetmon is a great too
We are currently using Wanguard. Have had it in place for about 6months.
Have not setup BGP peering with my edges to blackhole inbound traffic yet
simply because I haven't had time, but the product itself seems to be
pretty full featured and has lots of options and a pretty reasonable
interface.
On Mon, Aug 10, 2015 at 04:38:40PM +0300, Pavel Odintsov wrote:
> We have some open source software for this task
> https://github.com/FastVPSEestiOu/fastnetmon :) Feel free to ask me
> any questions off list.
I can attest that fastnetmon is a great tool for dealing with high pps
or high bandwidth
Hello!
We have some open source software for this task
https://github.com/FastVPSEestiOu/fastnetmon :) Feel free to ask me
any questions off list.
On Mon, Aug 10, 2015 at 9:58 AM, Marcel Duregards
wrote:
> Dear Nogers,
> We are currently evaluating some DDOS detection/mitigation solutions.
> Do
Dear Nogers,
We are currently evaluating some DDOS detection/mitigation solutions.
Do you have any inputs/experiences on Wanguard from Andrisoft, please
?https://www.andrisoft.com/software/wanguard
Currently we are just interested on the packets/flows sensors with the console
for detection and RT
25 matches
Mail list logo
