Speaker
Description
Flowspec is by all means not a new invention to handle DDoS and volumetric based threats. In one way or another been around as a feature since 2008-2009. But never got the attraction and little vanished as a tool and concept... untill now. Implementations today mostly design to direct suspicious flows by direct certian prefixes to central located scrubber site for filtering and actions. The design to achive this mostly ref to as "Onramp&Offramp" which involves MPLS controlplanes and segmentation of traffic. Flowspec offers a greater toolbox now with not just redirect, but also drop, shape or lower the service for suspected flows already on the edge. This session aims to explain the Flowspec from design and develop to a ready product with all its experience. A Flowspec rule is much more than just ACL installed by BGP !
