Internet2

close
Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Your organization not listed? Create a local account to use Internet2 services.

Create SiteID

Blogs

DDoS Update from the 2017 Internet2 Global Summit

May 31, 2017, by Nick Lewis
Tags: 2017 Internet2 Global Summit, Frontpage News, Recent Posts, Security

We had many different formal and informal discussions with campuses and regional networks at the 2017 Internet2 Global Summit about DDoS mitigation. We had at least 5 different sessions or meetings where we talked about the Internet2 DDoS mitigation activities. Some of the sessions were a BoF for the community to discuss the problem, an advanced technology demonstration of the DDoS Scrubbing Service Portal, a general presentation on the Internet2 DDoS Mitigation Strategy, and a presentation from Cloudflare in the Idea Corner on cloud services. We had many topics of conversation that continued through the entire meeting.

We now have a pilot service for volumetric DDoS Mitigation Service that just started as part of the Internet2 DDoS Mitigation Strategy. During the DDoS Mitigation BoF, we discussed how the service was being designed and potential peering options, different monitoring options, potential international peering impacts, and service characteristics. Please contact DDoSService@internet2.edu for more information. In the Idea Corner, we presented on our continuing work with Cloudflare as a Provisional Service for application level DDoS mitigation. Please contact Nick Lewis if you have questions about Cloudflare.

We received useful feedback on how to communicate about the services to minimize the confusion around the differences between the services. There were also questions about how the scrubbing service works, how BGP Flowspec might be included in the future and how the signaling for the campus would happen when a campus was under attack and when they wanted to switch back. One attendee described how what seemed like a small DDoS attack had significant impact on a campus wireless network.

DDoS continues to be a hot topic in the higher education networking community. I attended the Educause Security Professionals Conference after Global Summit and talked to several campus information security staff where they were more inclined to have their networking teams take the lead on their DDoS mitigation. Through this partnership, campuses can ensure their DDoS mitigation activities more effectively manage this risk for their campuses.