Post by account_disabled on Mar 14, 2024 2:41:00 GMT -6
Monitoring and countermeasures are too slow. Sometimes we had to prioritize in other locations we dont have our own network and the data centers are blocking us protecting their infrastructure. When the network is sent directly from the data center hardware there is not only no way to block the attack but even pattern identification is difficult once and the nodes fall off. Of the available information only the trigger in Zabbix. The saddest moments were when we had several locations lying around completely and tightly for days.
Even the uplinks of our providers in the data centers simply said that we are not ready to filter this so we Buy Email List are turning you off. Once the attacks stop we will connect back. We come up with a plan First learn to block at least part of the attack at the level of provider routers. The goal is to reduce the impact on customers and protect the infrastructure. Second teach our network to digest the entire uplink capacity without special effects while simultaneously expanding it. For hardware disassemble a bunch of small routers and install chassis expand channels or or remove oversubscription.
In parallel improve DDoS protection to a state where we can block an attack faster than clients who are not receiving parasitic traffic will notice. And strategically build your networks in all locations. And your own protection. First of all we abandon the existing DDoS suppression system because it does more harm than good. Networkers begin to sleep one by one we change the current flow monitoring to sampled Inline IPFIX with payload. This way we dont wait for the flow to gather and make decisions in seconds.
Even the uplinks of our providers in the data centers simply said that we are not ready to filter this so we Buy Email List are turning you off. Once the attacks stop we will connect back. We come up with a plan First learn to block at least part of the attack at the level of provider routers. The goal is to reduce the impact on customers and protect the infrastructure. Second teach our network to digest the entire uplink capacity without special effects while simultaneously expanding it. For hardware disassemble a bunch of small routers and install chassis expand channels or or remove oversubscription.
In parallel improve DDoS protection to a state where we can block an attack faster than clients who are not receiving parasitic traffic will notice. And strategically build your networks in all locations. And your own protection. First of all we abandon the existing DDoS suppression system because it does more harm than good. Networkers begin to sleep one by one we change the current flow monitoring to sampled Inline IPFIX with payload. This way we dont wait for the flow to gather and make decisions in seconds.