DDoS Protection with NetFlow

DDoS Protection: The Problem with NetFlow

“Netflow collection.” This is what I kept hearing from DDoS providers when I asked how they monitored networks.  But there are a couple problems with utilizing NetFlow. Problem 1: Sampling Rates… I’ve very rarely seen a sampling rate of 1 on routers.  Cisco’s CRS shelves and ASR9ks as well as Juniper’s TX Matrix Plus and MX960s are certainly capable … Continue Reading

Mail Protocols….and SPAM

Just a quick factoid for everyone today. NextGen firewalls are the coolest things, but only go so far due to protocol dependencies and older technologies.  Take for example mail protocols. A next-gen firewall can block an outgoing SMTP message with a virus attached with a simple 541 message (no answer from host). But when you … Continue Reading