FastNetMon is a very high performance DDoS detector built on top of multiple packet capture engines: NetFlow, IPFIX, sFlow and SPAN/port mirror.
It could detect malicious traffic in your network and immediately block it with BGP blackhole or BGP flow spec rules.
It has solid support for all top network vendors and has unlimited scalability due to flexible design.
You could integrate FastNetMon into any existing network without any changes and additional hardware!
Based on our record, FastNetMon should be more popular than VeriSign. It has been mentiond 3 times since March 2021. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
I have a network that has no internet connectivity. The servers/workstations are microsoft. Microsoft DNS/AD. I'm unable to find an elegant solution for applications that perform CRL/OCSP lookups but have to wait for a timeout to expire before continuing. I could create authoritative domains (verisign.com for example) but I would rather find a better solution. does anyone have any ideas on how I can either... Source: about 3 years ago
If you have a BGP peering with you ISP/upstream provider, ask them if they have a blackhole community you can broadcast to. Usually they are ASN:666. The only downside is you would only be able to advertise your IP address to that, essentially killing your internet (if that's your only IP) as long as the block is up. We usually set our filter to 15 minutes and most attackers give up after that. At this level, you... Source: about 1 year ago
Have you looked at fastnetmon ? It's freemium and It looks like the commercial version would work you, but I think the community edition is aslo worth a look. It's primary function is to detect DDOS attacks, but it can export data in ways that might be useful to you. Source: about 2 years ago
To mitigate DoS attacks means you need information - preferably before the users start screaming. Running sampling on your edge router with something like Fastnetmon will give you alerting of a probable DDoS attack before it becomes a significant problem. Source: almost 3 years ago
Let's Encrypt - Let’s Encrypt is a free, automated, and open certificate authority brought to you by the Internet Security Research Group (ISRG).
NetVizura NetFlow Analyzer - NetFlow Analyzer is a solution for bandwidth monitoring and traffic analysis. It helps with traffic investigation, analysis and reporting
Digicert - Encryption & Authentication
Andrisoft WanGuard - DDoS protection software solution for networks. Attacks detected by NetFlow,NetStream,sFlow,jFlow,IPFIX,Port Mirroring and mitigated with firewall filters
nginx - A high performance free open source web server powering busiest sites on the Internet.
Arbor - Easily manage product development