Submit Search
Upload
BGP FlowSpec experience and future developments
•
Download as PPTX, PDF
•
1 like
•
2,100 views
Pavel Odintsov
Follow
The presentation from Netscout about BGP FlowSpec in 2019.
Read less
Read more
Internet
Slideshow view
Report
Share
Slideshow view
Report
Share
1 of 22
Download now
Recommended
Implementing BGP Flowspec at IP transit network
Implementing BGP Flowspec at IP transit network
Pavel Odintsov
DDoS Mitigation using BGP Flowspec
DDoS Mitigation using BGP Flowspec
APNIC
BGP Flowspec (RFC5575) Case study and Discussion
BGP Flowspec (RFC5575) Case study and Discussion
APNIC
9534715
9534715
Pavel Odintsov
GoBGP : yet another OSS BGPd
GoBGP : yet another OSS BGPd
Pavel Odintsov
BGP Update Source
BGP Update Source
NetProtocol Xpert
DDoS Threats Landscape : Countering Large-scale DDoS attacks
DDoS Threats Landscape : Countering Large-scale DDoS attacks
MyNOG
FastNetMon Advanced DDoS detection tool
FastNetMon Advanced DDoS detection tool
Pavel Odintsov
Recommended
Implementing BGP Flowspec at IP transit network
Implementing BGP Flowspec at IP transit network
Pavel Odintsov
DDoS Mitigation using BGP Flowspec
DDoS Mitigation using BGP Flowspec
APNIC
BGP Flowspec (RFC5575) Case study and Discussion
BGP Flowspec (RFC5575) Case study and Discussion
APNIC
9534715
9534715
Pavel Odintsov
GoBGP : yet another OSS BGPd
GoBGP : yet another OSS BGPd
Pavel Odintsov
BGP Update Source
BGP Update Source
NetProtocol Xpert
DDoS Threats Landscape : Countering Large-scale DDoS attacks
DDoS Threats Landscape : Countering Large-scale DDoS attacks
MyNOG
FastNetMon Advanced DDoS detection tool
FastNetMon Advanced DDoS detection tool
Pavel Odintsov
Cisco Live Milan 2015 - BGP advance
Cisco Live Milan 2015 - BGP advance
Bertrand Duvivier
Обеспечение безопасности сети оператора связи с помощью BGP FlowSpec
Обеспечение безопасности сети оператора связи с помощью BGP FlowSpec
Cisco Russia
DDoS Mitigation Tools and Techniques
DDoS Mitigation Tools and Techniques
Babak Farrokhi
An Introduction to BGP Flow Spec
An Introduction to BGP Flow Spec
ShortestPathFirst
FastNetMon - ENOG9 speech about DDoS mitigation
FastNetMon - ENOG9 speech about DDoS mitigation
Pavel Odintsov
Ethernet VPN (EVPN) EVerything Provider Needs
Ethernet VPN (EVPN) EVerything Provider Needs
CSUC - Consorci de Serveis Universitaris de Catalunya
F5 DDoS Protection
F5 DDoS Protection
MarketingArrowECS_CZ
Tutorial: Using GoBGP as an IXP connecting router
Tutorial: Using GoBGP as an IXP connecting router
Shu Sugimoto
Ultra fast DDoS Detection with FastNetMon at Coloclue (AS 8283)
Ultra fast DDoS Detection with FastNetMon at Coloclue (AS 8283)
Pavel Odintsov
SEGMENT Routing
SEGMENT Routing
Bangladesh Network Operators Group
Securing the Onion: 5G Cloud Native Infrastructure
Securing the Onion: 5G Cloud Native Infrastructure
MyNOG
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017
Bruno Teixeira
Network automation (NetDevOps) with Ansible
Network automation (NetDevOps) with Ansible
Bangladesh Network Operators Group
LinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking Walkthrough
Thomas Graf
Cisco Study: State of Web Security
Cisco Study: State of Web Security
Cisco Canada
Segment Routing: A Tutorial
Segment Routing: A Tutorial
APNIC
Zabbix conference 2018v2
Zabbix conference 2018v2
Jorge Fernando Matsudo Iwano
Cisco MPLS
Cisco MPLS
webhostingguy
Service Function Chaining with SRv6
Service Function Chaining with SRv6
Ahmed AbdelSalam
MPLS L3 VPN Deployment
MPLS L3 VPN Deployment
APNIC
Next Generation DDoS Services – can we do this with NFV? - CF Chui
Next Generation DDoS Services – can we do this with NFV? - CF Chui
MyNOG
M1-C17-Armando una red.pptx
M1-C17-Armando una red.pptx
Angel Garcia
More Related Content
What's hot
Cisco Live Milan 2015 - BGP advance
Cisco Live Milan 2015 - BGP advance
Bertrand Duvivier
Обеспечение безопасности сети оператора связи с помощью BGP FlowSpec
Обеспечение безопасности сети оператора связи с помощью BGP FlowSpec
Cisco Russia
DDoS Mitigation Tools and Techniques
DDoS Mitigation Tools and Techniques
Babak Farrokhi
An Introduction to BGP Flow Spec
An Introduction to BGP Flow Spec
ShortestPathFirst
FastNetMon - ENOG9 speech about DDoS mitigation
FastNetMon - ENOG9 speech about DDoS mitigation
Pavel Odintsov
Ethernet VPN (EVPN) EVerything Provider Needs
Ethernet VPN (EVPN) EVerything Provider Needs
CSUC - Consorci de Serveis Universitaris de Catalunya
F5 DDoS Protection
F5 DDoS Protection
MarketingArrowECS_CZ
Tutorial: Using GoBGP as an IXP connecting router
Tutorial: Using GoBGP as an IXP connecting router
Shu Sugimoto
Ultra fast DDoS Detection with FastNetMon at Coloclue (AS 8283)
Ultra fast DDoS Detection with FastNetMon at Coloclue (AS 8283)
Pavel Odintsov
SEGMENT Routing
SEGMENT Routing
Bangladesh Network Operators Group
Securing the Onion: 5G Cloud Native Infrastructure
Securing the Onion: 5G Cloud Native Infrastructure
MyNOG
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017
Bruno Teixeira
Network automation (NetDevOps) with Ansible
Network automation (NetDevOps) with Ansible
Bangladesh Network Operators Group
LinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking Walkthrough
Thomas Graf
Cisco Study: State of Web Security
Cisco Study: State of Web Security
Cisco Canada
Segment Routing: A Tutorial
Segment Routing: A Tutorial
APNIC
Zabbix conference 2018v2
Zabbix conference 2018v2
Jorge Fernando Matsudo Iwano
Cisco MPLS
Cisco MPLS
webhostingguy
Service Function Chaining with SRv6
Service Function Chaining with SRv6
Ahmed AbdelSalam
MPLS L3 VPN Deployment
MPLS L3 VPN Deployment
APNIC
What's hot
(20)
Cisco Live Milan 2015 - BGP advance
Cisco Live Milan 2015 - BGP advance
Обеспечение безопасности сети оператора связи с помощью BGP FlowSpec
Обеспечение безопасности сети оператора связи с помощью BGP FlowSpec
DDoS Mitigation Tools and Techniques
DDoS Mitigation Tools and Techniques
An Introduction to BGP Flow Spec
An Introduction to BGP Flow Spec
FastNetMon - ENOG9 speech about DDoS mitigation
FastNetMon - ENOG9 speech about DDoS mitigation
Ethernet VPN (EVPN) EVerything Provider Needs
Ethernet VPN (EVPN) EVerything Provider Needs
F5 DDoS Protection
F5 DDoS Protection
Tutorial: Using GoBGP as an IXP connecting router
Tutorial: Using GoBGP as an IXP connecting router
Ultra fast DDoS Detection with FastNetMon at Coloclue (AS 8283)
Ultra fast DDoS Detection with FastNetMon at Coloclue (AS 8283)
SEGMENT Routing
SEGMENT Routing
Securing the Onion: 5G Cloud Native Infrastructure
Securing the Onion: 5G Cloud Native Infrastructure
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017
Network automation (NetDevOps) with Ansible
Network automation (NetDevOps) with Ansible
LinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking Walkthrough
Cisco Study: State of Web Security
Cisco Study: State of Web Security
Segment Routing: A Tutorial
Segment Routing: A Tutorial
Zabbix conference 2018v2
Zabbix conference 2018v2
Cisco MPLS
Cisco MPLS
Service Function Chaining with SRv6
Service Function Chaining with SRv6
MPLS L3 VPN Deployment
MPLS L3 VPN Deployment
Similar to BGP FlowSpec experience and future developments
Next Generation DDoS Services – can we do this with NFV? - CF Chui
Next Generation DDoS Services – can we do this with NFV? - CF Chui
MyNOG
M1-C17-Armando una red.pptx
M1-C17-Armando una red.pptx
Angel Garcia
17 - Building small network.pdf
17 - Building small network.pdf
PhiliphaHaldline
ITN_Module_17.pptx
ITN_Module_17.pptx
ssuserf7cd2b
ONF & iSDX Webinar
ONF & iSDX Webinar
Katie Hyman
DDos, Peering, Automation and more
DDos, Peering, Automation and more
Internet Society
IT Monitoring in the Era of Containers | Luca Deri Founder & Project Lead | ntop
IT Monitoring in the Era of Containers | Luca Deri Founder & Project Lead | ntop
InfluxData
Networking - TCP/IP stack introduction and IPv6
Networking - TCP/IP stack introduction and IPv6
Rodolfo Kohn
NetFlow Best Practices - Tips and Tricks to Get the Most Out of Your Network ...
NetFlow Best Practices - Tips and Tricks to Get the Most Out of Your Network ...
SolarWinds
NetFlow Best Practices - Tips and Tricks to Get the Most Out of Your Network ...
NetFlow Best Practices - Tips and Tricks to Get the Most Out of Your Network ...
SolarWinds
CCNA v6.0 ITN - Chapter 11
CCNA v6.0 ITN - Chapter 11
Irsandi Hasan
The Impact of Software-based Virtual Network in the Public Cloud
The Impact of Software-based Virtual Network in the Public Cloud
Chunghan Lee
DPDK summit 2015: It's kind of fun to do the impossible with DPDK
DPDK summit 2015: It's kind of fun to do the impossible with DPDK
Lagopus SDN/OpenFlow switch
DPDK Summit 2015 - NTT - Yoshihiro Nakajima
DPDK Summit 2015 - NTT - Yoshihiro Nakajima
Jim St. Leger
2. RINA overview - TF workshop
2. RINA overview - TF workshop
ARCFIRE ICT
NetFlow Deep Dive: NetFlow Tips and Tricks to get the Most Out of Your Networ...
NetFlow Deep Dive: NetFlow Tips and Tricks to get the Most Out of Your Networ...
SolarWinds
Basic Foundation For Cybersecurity
Basic Foundation For Cybersecurity
Mohammed Adam
INT_Ch17.pptx
INT_Ch17.pptx
NguyenLong773850
WebRTC standards update - November 2014
WebRTC standards update - November 2014
Victor Pascual Ávila
Swisscom Network Analytics Data Mesh Architecture - ETH Viscon - 10-2022.pdf
Swisscom Network Analytics Data Mesh Architecture - ETH Viscon - 10-2022.pdf
ThomasGraf40
Similar to BGP FlowSpec experience and future developments
(20)
Next Generation DDoS Services – can we do this with NFV? - CF Chui
Next Generation DDoS Services – can we do this with NFV? - CF Chui
M1-C17-Armando una red.pptx
M1-C17-Armando una red.pptx
17 - Building small network.pdf
17 - Building small network.pdf
ITN_Module_17.pptx
ITN_Module_17.pptx
ONF & iSDX Webinar
ONF & iSDX Webinar
DDos, Peering, Automation and more
DDos, Peering, Automation and more
IT Monitoring in the Era of Containers | Luca Deri Founder & Project Lead | ntop
IT Monitoring in the Era of Containers | Luca Deri Founder & Project Lead | ntop
Networking - TCP/IP stack introduction and IPv6
Networking - TCP/IP stack introduction and IPv6
NetFlow Best Practices - Tips and Tricks to Get the Most Out of Your Network ...
NetFlow Best Practices - Tips and Tricks to Get the Most Out of Your Network ...
NetFlow Best Practices - Tips and Tricks to Get the Most Out of Your Network ...
NetFlow Best Practices - Tips and Tricks to Get the Most Out of Your Network ...
CCNA v6.0 ITN - Chapter 11
CCNA v6.0 ITN - Chapter 11
The Impact of Software-based Virtual Network in the Public Cloud
The Impact of Software-based Virtual Network in the Public Cloud
DPDK summit 2015: It's kind of fun to do the impossible with DPDK
DPDK summit 2015: It's kind of fun to do the impossible with DPDK
DPDK Summit 2015 - NTT - Yoshihiro Nakajima
DPDK Summit 2015 - NTT - Yoshihiro Nakajima
2. RINA overview - TF workshop
2. RINA overview - TF workshop
NetFlow Deep Dive: NetFlow Tips and Tricks to get the Most Out of Your Networ...
NetFlow Deep Dive: NetFlow Tips and Tricks to get the Most Out of Your Networ...
Basic Foundation For Cybersecurity
Basic Foundation For Cybersecurity
INT_Ch17.pptx
INT_Ch17.pptx
WebRTC standards update - November 2014
WebRTC standards update - November 2014
Swisscom Network Analytics Data Mesh Architecture - ETH Viscon - 10-2022.pdf
Swisscom Network Analytics Data Mesh Architecture - ETH Viscon - 10-2022.pdf
More from Pavel Odintsov
DDoS Challenges in IPv6 environment
DDoS Challenges in IPv6 environment
Pavel Odintsov
Network telemetry for DDoS detection presentation
Network telemetry for DDoS detection presentation
Pavel Odintsov
Using MikroTik routers for BGP transit and IX points
Using MikroTik routers for BGP transit and IX points
Pavel Odintsov
VietTel AntiDDoS Volume Based
VietTel AntiDDoS Volume Based
Pavel Odintsov
DDoS Defense Mechanisms for IXP Infrastructures
DDoS Defense Mechanisms for IXP Infrastructures
Pavel Odintsov
Flowspec contre les attaques DDoS : l'expérience danoise
Flowspec contre les attaques DDoS : l'expérience danoise
Pavel Odintsov
Detectando DDoS e intrusiones con RouterOS
Detectando DDoS e intrusiones con RouterOS
Pavel Odintsov
DeiC DDoS Prevention System - DDPS
DeiC DDoS Prevention System - DDPS
Pavel Odintsov
Lekker weer nlnog_nlnog_ddos_fl
Lekker weer nlnog_nlnog_ddos_fl
Pavel Odintsov
Lekker weer nlnog_how_to_avoid_buying_expensive_routers
Lekker weer nlnog_how_to_avoid_buying_expensive_routers
Pavel Odintsov
Janog 39: speech about FastNetMon by Yutaka Ishizaki
Janog 39: speech about FastNetMon by Yutaka Ishizaki
Pavel Odintsov
Protect your edge BGP security made simple
Protect your edge BGP security made simple
Pavel Odintsov
Keeping your rack cool
Keeping your rack cool
Pavel Odintsov
Jon Nield FastNetMon
Jon Nield FastNetMon
Pavel Odintsov
Detecting and mitigating DDoS ZenDesk by Vicente De Luca
Detecting and mitigating DDoS ZenDesk by Vicente De Luca
Pavel Odintsov
Blackholing from a_providers_perspektive_theo_voss
Blackholing from a_providers_perspektive_theo_voss
Pavel Odintsov
SIG-NOC Tools Survey
SIG-NOC Tools Survey
Pavel Odintsov
DDoS detection at small ISP by Wardner Maia
DDoS detection at small ISP by Wardner Maia
Pavel Odintsov
Distributed Denial of Service Attack - Detection And Mitigation
Distributed Denial of Service Attack - Detection And Mitigation
Pavel Odintsov
Nanog66 vicente de luca fast netmon
Nanog66 vicente de luca fast netmon
Pavel Odintsov
More from Pavel Odintsov
(20)
DDoS Challenges in IPv6 environment
DDoS Challenges in IPv6 environment
Network telemetry for DDoS detection presentation
Network telemetry for DDoS detection presentation
Using MikroTik routers for BGP transit and IX points
Using MikroTik routers for BGP transit and IX points
VietTel AntiDDoS Volume Based
VietTel AntiDDoS Volume Based
DDoS Defense Mechanisms for IXP Infrastructures
DDoS Defense Mechanisms for IXP Infrastructures
Flowspec contre les attaques DDoS : l'expérience danoise
Flowspec contre les attaques DDoS : l'expérience danoise
Detectando DDoS e intrusiones con RouterOS
Detectando DDoS e intrusiones con RouterOS
DeiC DDoS Prevention System - DDPS
DeiC DDoS Prevention System - DDPS
Lekker weer nlnog_nlnog_ddos_fl
Lekker weer nlnog_nlnog_ddos_fl
Lekker weer nlnog_how_to_avoid_buying_expensive_routers
Lekker weer nlnog_how_to_avoid_buying_expensive_routers
Janog 39: speech about FastNetMon by Yutaka Ishizaki
Janog 39: speech about FastNetMon by Yutaka Ishizaki
Protect your edge BGP security made simple
Protect your edge BGP security made simple
Keeping your rack cool
Keeping your rack cool
Jon Nield FastNetMon
Jon Nield FastNetMon
Detecting and mitigating DDoS ZenDesk by Vicente De Luca
Detecting and mitigating DDoS ZenDesk by Vicente De Luca
Blackholing from a_providers_perspektive_theo_voss
Blackholing from a_providers_perspektive_theo_voss
SIG-NOC Tools Survey
SIG-NOC Tools Survey
DDoS detection at small ISP by Wardner Maia
DDoS detection at small ISP by Wardner Maia
Distributed Denial of Service Attack - Detection And Mitigation
Distributed Denial of Service Attack - Detection And Mitigation
Nanog66 vicente de luca fast netmon
Nanog66 vicente de luca fast netmon
Recently uploaded
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Damian Radcliffe
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
Call Girls Mumbai
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
APNIC
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
Dubai call girls 971524965298 Call girls in Bur Dubai
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
tanu pandey
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)
Damian Radcliffe
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
singhpriety023
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
SofiyaSharma5
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
soniya singh
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
APNIC
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
imonikaupta
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
tanu pandey
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
shivangimorya083
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
soniya singh
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
Delhi Call girls
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
soniya singh
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
ellan12
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
soniya singh
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Call Girls in Nagpur High Profile
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Sheetaleventcompany
Recently uploaded
(20)
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
BGP FlowSpec experience and future developments
1.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 1
2.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 2 BGP FlowSpec in 2019: operational experience and future developments a.k.a. “yet another FlowSpec talk” Alessandro Bulletti Kirill Kasavchenko
3.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 3 Volumetric DDoS attacks 2018-2019 Source: Netscout Threat Report 2018 Source: Rapporto Clusit 2019 sulla Sicurezza ICT in Italia - Tipologie di attacchi DDoS (Dati Fastweb relativi all’anno 2018)
4.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 4 The need for collaboration • Ideally, large DDoS attacks should be mitigated as close to the source as possible. • Practically, the good first step would be: – Customer asks upstream provider to mitigate – Peer asks another peers • As time goes by and trust is built, we might expect mitigation to naturally propagate closer to the source.
5.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 5 Wait... This is not a new idea! Some of initiatives in this area: • Fingerprint Sharing Alliance (Arbor, 2005) • BGP FlowSpec (IETF, 2009) • M3AAWG DDoS Info Sharing (2017) • I2NSF (IETF, 2017) • Stellar: advanced blackholing (DE-CIX/TU Berlin/Max Planck Institute, 2018) • DOTS (IETF, work in progress)
6.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 6 Wait... This is not a new idea! Some of initiatives in this area: • Fingerprint Sharing Alliance (Arbor, 2005) • BGP FlowSpec (IETF, 2009) • M3AAWG DDoS Info Sharing (2017) • I2NSF (IETF, 2017) • Stellar: advanced blackholing (DE-CIX/TU Berlin/Max Planck Institute, 2018) • DOTS (IETF, work in progress) • Vendor support • Open-source tools • Operational experience • User groups
7.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 7 FlowSpec: vendors and open-source Controllers and BGP FlowSpec speakers: • Arbor (Netscout) • ExaBGP • FastNetMon • Nokia • Radware Routers: • Cisco IOS-XR (ASR9K, NCS5K) and IOS-XE • Juniper MX/PTX • Alcatel/Nokia 7x50 • Huawei NE routers • 6WIND • Arista Telemetry FlowSpec
8.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 8 FlowSpec: operational experience & user groups Deployments (based on public information): • Cloudflare, Level3, Rostelecom, Orange Poland DDoS Peering initiative: • AT&T, Century Link, Charter • See slides at NANOG 71 and 75 (links in the end of this presentation) FlowSpec multi vendor tests by T-Mobile Austria and NextLayer : • Cisco, Juniper, Huawei, Nokia • Focus on Inter-AS applicability and operational needs
9.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 9 What works well • FlowSpec is extensively used against DDoS Amplification attacks: • We see operational community is automating FlowSpec generation to stop attacks without human involvement: – Not just hyperscalers • We see adoption of FlowSpec as the way to redirect traffic on demand: – Redirect to Route Target – Redirect to Next-Hop
10.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 10 What could be improved • Scale on router side: – Number of concurrently supported FlowSpec rules – Speed of FlowSpec rules import and processing • Various „safety nets“: – Prevent too many FlowSpec rules from impacting router forwarding performance – Lack of granularity in import policies: • It is impossible to allow/reject FlowSpec rules based on action • Therefore, possible for customer to change DSCP of their traffic to „network-critical“ • These are implementation-specific improvements. They do not require industry consensus in a form of IETF document or BCP.
11.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 11 What is impossible to do with FlowSpec today • Match traffic based on random L3-L4 field or based on payload – Example: IP TTL, TCP Window Size • Report traffic statistics across administrative boundaries – ISP1 sends a FlowSpec rule to ISP2 – How ISP1 gets visibility into dropped traffic to estimate the efficacy of FlowSpec? • There is a lack of common approach to these problems. – We need standards (think RFC documents) or some well-defined Best Current Practices
12.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 12 Flexible Payload Matching: problem statement • Majority of volumetric DDoS attacks are amplification attacks. They can be successfully mitigated using „standard“ FlowSpec, matching source UDP port: • However, there exist more complex cases: – Bittorent amplification – SSDP diffraction • These attacks result in packets with random source UDP port, so it‘s not possible to create a classifier using FlowSpec. • At the same time, these attacks generate specific patterns in payload. – And some routers are able to match packets based on payload.
13.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 13 Flexible Payload Matching: solution (1/2) • Extend FlowSpec with „flexible match conditions“ component type: draft-khare-idr-bgp-flowspec-payload-match Type X – Flexible Match Conditions
14.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 14 Flexible Payload Matching: solution (2/2) • Use new component type to match anywhere in the packet: – In any field – Across fields regardless of field boundaries – In payload • Match using: – Bit pattern with bitmask – Numeric pattern – Regular expressions draft-khare-idr-bgp-flowspec-payload-match
15.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 15 FlowSpec and Reporting: problem statement • How do you know if FlowSpec rule is effective? • No standardized way to report traffic that matches FlowSpec policy: – SNMP counters – XML/Netconf – draft-wu-idr-flowspec-yang-cfg-02 • Good news: most routers generate flow telemetry for traffic, dropped by FlowSpec:
16.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 16 FlowSpec and Reporting: solution • Corellate FlowSpec NLRI and Flow records: • Vendor-independent approach – No need to parse proprietary SNMP or XML data models FlagsToS Output Intf = 0 Input IntfProtoDst PortSrc PortDest IPSrc IP Flow Record Packet length TCP flag s ICMP type Dst Port Por t IP Protoc ol Source Prefix Dest Prefix FlowSpec NLRI Src Port ICMP code Etc…
17.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 17 FlowSpec and Reporting: Inter-AS? • Reporting based on Netflow and FlowSpec correlation won‘t work between ASNs – No way for ISP1 to receive flow telemetry from ISP2 • Other approaches (SNMP, Netconf, streaming telemetry) won‘t work either • We would need something totally new: – Most likely some mediation tool that makes sure only relevant information is reported between ASNs – Or some concept of „administrative domains“ in flow / SNMP / streaming telemetry • Whatever the solution would be, having visibility into FlowSpec rules propagated between ASNs is going to be an essential factor for adoption
18.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 18 FlowSpec evolution: RFC5575bis • Defines all traffic action extended communities as transitive extended communities. RFC5575 defined the traffic- rate action to be non-transitive and did not define the transitivity of the other action communities at all. • Introduces a new traffic filtering action traffic-rate-packets: – Instead of ”rate-limit to 100 bps” you can now “rate-limit to 100 pps” • Introduces rules how updates of Flow Specifications shall be handled in case they contain interfering actions • A full list of changes can be found in the references section of this slide deck Major changes
19.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 19 Other interesting FlowSpec developments • FlowSpec interface set (draft-ietf-idr-flowspec-interfaceset) – Use BGP communities to signal to which interfaces (interface-set) should a FlowSpec action be applied – Supported in Cisco IOS-XE
20.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 20 Summary • FlowSpec is a mature DDoS mitigation technology • No, it‘s not perfect and alone is not enough to stop all types of DDoS attacks – it is not applicable against TCP SYN floods and application layer DDoS – but it mitigates the most impacting DDoS types in ISP networks – amplification attacks • Check with $your_router_vendor what the platform limits are: – Scale – Policies • Don‘t be afraid to automate FlowSpec. If you don‘t know how – talk to us. • Work with IETF and vendors to get new FlowSpec ideas implemented A.k.a Last Slide
21.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 21 References • Stellar, advanced blackholing: https://www.de- cix.net/Files/2731074c857497be3827ac9537b6e486f27aa57c/Research-paper-Stellar-Network-Attack-Mitigation- using-Advanced-Blackholing.pdf • NANOG71 DDoS peering: https://www.youtube.com/watch?v=Aj8EKYVSTtk • NANOG75 eBGP FlowSpec peering: https://www.youtube.com/watch?v=rKEz8mXcC7o • Interop FlowSpec tests by T-Mobile and Next Layer: https://www.nextlayer.at/wp-content/uploads/2018/06/loibl-bacher- bgp-flowspec-interop-012017.pdf • FlowSpec payload matching: https://datatracker.ietf.org/doc/draft-khare-idr-bgp-flowspec-payload-match/ • SSDP Diffraction Attack: https://www.netscout.com/blog/asert/new-twist-ssdp-attacks • FlowSpec at CloudFlare: https://meetings.ripe.net/see4/files/RIPE%20SEE4%20Belgrade%20Serbia%20- %20CloudFlare%20-%20DDoS%20mitigation%20-%20Martin%20Levy.pdf • FlowSpec at Level3: https://www.capacitymedia.com/articles/3585228/Level-3-launches-BGP-Flowspec-on-global- backbone • FlowSpec at Rostelecom: https://habr.com/ru/company/rostelecom/blog/325138/ • FlowSpec in Orange Poland: https://cert.orange.pl/aktualnosci/ddos-w-naszej-sieci-coraz-silniej-coraz-wiecej • RFC5575bis changes compared to RFC5575: https://tools.ietf.org/html/draft-ietf-idr-rfc5575bis-14#appendix-A The last slide, really
22.
COPYRIGHT © 2018
NETSCOUT SYSTEMS, INC. | PUBLIC 22 Thank You. www.netscout.com alessandro.bulletti@netscout.com kirill.kasavchenko@netscout.com
Download now