-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Dear team,
Since we see >1Tbps DDOS attacs in the wild, I suppose out-of-the-box DDOS mitigation suppliers have lost this race. There is no operator in Switzerland which can handle 1Tbps DDOS attacks.
When we saw DDOS against digitec.ch and others earlier this year, I was a bit surprised that none of the so called "experts" proposed regional BGP propagation as a remedy.
May I offer up UTRS as a model or perhaps part of your solution?
https://www.team-cymru.org/UTRS/
UTRS is a system that helps mitigate large infrastructure attacks by leveraging an existing network of cooperating BGP speakers such as ISPs, hosting providers and educational institutions that automatically distributes verified BGP-based filter rules from victim to cooperating networks.
Victims can now effectively alleviate attacks quickly and across the world at lightning speed. Additionally, by using UTRS, operators will also be stopping the attack traffic at the source, saving many would-be attack packets from their own network, as well as preventing them from taking up unnecessary network resources at every other network in between.
Be well, Rob. - -- Rabbi Rob Thomas Team Cymru "It is easy to believe in freedom of speech for those with whom we agree." - Leo McKern