Your browser failed to load CSS style sheets. Your browser or web proxy might not support elliptic-curve TLS

Building network automation solutions

9 module online course

Start now!
back to overview

Distributed DoS Mitigation with OpenFlow

Distributed DoS mitigation is another one of the “we were doing SDN without knowing it” cases: remote-triggered black holes are used by most major ISPs, and BGP Flowspec was available for years. Not surprisingly, people started using OpenFlow to implement the same concept (there’s even a proposal to integrate OpenFlow support into Bro IDS).

For more details, watch the Distributed DoS Prevention video recorded during the Real Life OpenFlow-based SDN Use Cases webinar.

Please read our Blog Commenting Policy before writing a comment.

3 comments:

  1. Do people implement DDoS mitigation strategies for private networks, for example, a large enterprise running MPLS VPN network

    ReplyDelete
  2. The challenge with a pure OpenFlow DDoS mitigation solution is that you also need to use OpenFlow for forwarding in addition to filtering. An integrated hybrid OpenFlow solution allows normal forwarding (BGP, OSPF, ISIS, etc) and uses OpenFlow only for filtering.

    Readers might be interested in the Network Field Day 7 demonstration where Brocade demonstrated the solution.

    ReplyDelete

Constructive courteous comments are most welcome. Anonymous trolling will be removed with prejudice.

Sidebar