[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Checkpoint IPS

Subject: Checkpoint IPS
From: rdobbins at arbor.net (Roland Dobbins)
Date: Mon, 09 Feb 2015 01:26:30 +0700
In-reply-to: <CADncWmF3zLmUbP+Drw3WgSsRBQ-xPR4u9z2r0v8KvgeCxZypwg@mail.gmail.com>
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <CACAVgUy0Q8_wHcmez2FHg0sVJUynGJ_P85AoRkn=UJ73aprcEQ@mail.gmail.com> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <CAD6AjGTA77Zdpnm7C8vZfrZGv+G9eupvrUJeRgo=y0V0YN1FyQ@mail.gmail.com> <CADncWmF3zLmUbP+Drw3WgSsRBQ-xPR4u9z2r0v8KvgeCxZypwg@mail.gmail.com>

On 8 Feb 2015, at 23:00, BPNoC Group wrote:

> Mr Dobbins' slides/presentation gives an idea that a proxy (waf, 
> whatever) fits sitting unprotected among routers and application 
> servers, while its also stateful and fragile enough to deserve 
> previous protection.

from p.16 of the presentation in question:

'If stateful firewalls cannot be immediately removed from the 
architecture, they must be protected against DDoS via S/RTBH, flowspec, 
IDMS, et. al., just like servers!'


from p.19 of the presentation in question:

'Load-balancers must be protected against DDoS - stateless ACLs for 
policy enforcement, S/RTBH, flowspec, IDMS, and so forth.'


from p.28 of the presentation in question:

'Reverse-proxy farms must be protected from DDoS via S/RTBH, flowspec, 
IDMS, et. al.'

-----------------------------------
Roland Dobbins <rdobbins at arbor.net>

References:
- Checkpoint IPS
  - From: m.hallgren at free.fr (Michael Hallgren)
- Checkpoint IPS
  - From: rdobbins at arbor.net (Roland Dobbins)
- Checkpoint IPS
  - From: m.hallgren at free.fr (Michael Hallgren)
- Checkpoint IPS
  - From: terry.baranski.list at gmail.com (Terry Baranski)
- Checkpoint IPS
  - From: rdobbins at arbor.net (Roland Dobbins)
- Checkpoint IPS
  - From: terry.baranski.list at gmail.com (Terry Baranski)
- Checkpoint IPS
  - From: eksffa at freebsdbrasil.com.br (Patrick Tracanelli)
- Checkpoint IPS
  - From: Patrick.Darden at p66.com (Darden, Patrick)
- Checkpoint IPS
  - From: rdobbins at arbor.net (Roland Dobbins)
- Checkpoint IPS
  - From: Patrick.Darden at p66.com (Darden, Patrick)
- Checkpoint IPS
  - From: rdobbins at arbor.net (Roland Dobbins)
- Checkpoint IPS
  - From: cb.list6 at gmail.com (Ca By)
- Checkpoint IPS
  - From: bpnoc.lists at gmail.com (BPNoC Group)

Prev by Date: Checkpoint IPS
Next by Date: IPv6 allocation plan, security, and 6-to-4 conversion
Previous by thread: Checkpoint IPS
Next by thread: Checkpoint IPS
Index(es):
- Date
- Thread