| ▲ | reassess_blind 10 hours ago |
| How do you mitigate large scale DDoS? |
|
| ▲ | lpcvoid 10 hours ago | parent [-] |
| I don't, since my stuff is reachable only within the company network/VPN. If I needed to though, I would consult the BSI list of official DDOS mitigation services [0] and evaluate each one before deciding. I would not auto-pick Cloudflare. [0] (German) https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Cyber-Si... |
| |
| ▲ | reassess_blind 9 hours ago | parent [-] | | When the solution you pick inevitably has downtime too you’re in the same boat. DDoS mitigation is one of those areas that an on-prem solution just isn’t well suited to solve. | | |
| ▲ | lpcvoid 9 hours ago | parent | next [-] | | Yeah, but people aren't using Cloudflare just for DDOS Mitigation. Some are running pretty much everything over it, from DNS to edge caching to load balancing and even hosting. That's what I oppose mainly. | |
| ▲ | lousken 7 hours ago | parent | prev [-] | | Unless you are really big, onprem stuff would be 90% internal anyway. For everything public you'd host your hardware in a datacenter with better high speed connectivity. And pretty much every single datacenter I interacted with in the last 5 years does have a DDOS protection solution that you can order for your network. |
|
|
