mirror of
https://github.com/pavel-odintsov/fastnetmon
synced 2024-11-23 17:32:59 +01:00
401 B
401 B
Why netflow is not an best solution for DoS/DDoS attack detection?
- It need additional licenses or even hardware (Juniper MX240, MX480, MX960 - additional license)
- It realized in software and can overload equipment (Juniper SRX, J-series, Microtic, VmWare, Linux)
- Even on top equipment flow-active-timeout starts from 60 seconds and it's very slow for massive attacks and slow-speed-attacks both