5/3/20 · 1 minutes read

Wanguard filtering options

Wanguard uses 4 methods of filtering: Netfilter firewall, DPDK firewall, FlowSpec firewall or FlowFIlter for Flow Sensor.FlowSpec and DPDK are ment for fastest networks with large volume based DDoS attacks. Iptables on the other hand can filter packets per Country, TTL or even packet payload, although last option is very CPU intensive.

With filtering it's best to go simpler route and chose FlowSpec, as it is less complicated to setup and maintain. For customers that need a finer comb, to scrub more complicated attacks iptables and Wanguard filter server can be a powerful ally for trimming down all that wasn't dropped, by other methods.

Filter is crucial add-on - if You or Your customers are tired of black hole routing (RTBH) blackouts. With FlowSpec capable router (Cisco/Juniper/Arista) installation of Wanguard doesn't need any maintenance window, and with ITORO assistance it will be a smooth transition into full protection and filtering for Your network.