WanGuard - DDoS Filtering with BGP FlowSpec

DDoS, Wanguard

06.03.2023 · 1 minutes read

WanGuard has new option that is hardly utilized that allows to have BGP FlowSpec counters on Juniper routers.

WanGuard from 8.1+ version has a feature that enables FlowSpec counters on Juniper routers.
This might be useful to count packets that are filtered on Juniper M/MX routers and add additional visibility during attacks.
Those packets can be any type set in Anomaly Detection and enabled in WanGuard detection module, so this way we can count any amount of traffic that is over DDoS threshold that was set.
To enable this feature You will need SSH connection to Juniper with login and password. You can find this under ExaBGP connector.

Below You can see simple ICMP flood with counters enabled.

WanGuard DDoS report with FlowSpec counters

Piotr Okupski

CEO at ITORO, DDoS Specialist

Piotr Okupski has worked in the IT industries for over 15 years as a Network and Systems Engineer. As CEO in ITORO, Piotr is the principal engineer and solutions architect providing support for ITORO's customers. He likes to Keep It Simple, but with a focus on the details, as they are most important for performance and future proof of any anti-DDoS remedy.

Przeczytaj inne historie

Wanguard

Black Friday promotion for all customers who order before the end of 2023

Checkout our promo prices for WanGuard Installations for 10/40/100GE speeds.
Przeczytaj całą historię
DDoS, Wanguard

Wanguard Filtering options

Wanguard filtering options
Przeczytaj całą historię
Performance, Wanguard

Wanguard 7.2 New Features

Recent update adds InfluxDB support and newer DPDK stack
Przeczytaj całą historię