April 13, 2009

True size of a DDoS attack?

Filed under: Industry Talk — Tags: , , — admin @ 11:24 am

So your provider calls and tells you “You’re receiving a 10 Gbps DDoS attack, we’re going to have to null route your IP until it passes.” Really?! Maybe they told you that you could upgrade to a protection plan to stop this attack. It might cost you $20.00, $1000.00, or maybe even $20,000.

Stop and ask your self: “Is this legitimate?” Every day Black Lotus receives e-mails from customers stating that they’re under a 10 Gbps or 20 Gbps DDoS attack. Once we even had someone swear they had 50 – 100 Gbps attacks. Where are our customers getting this information? If we were gambling men (and women) I would say they’re either making it up or someone else put it into their heads. Perhaps a competitor told them this to beat the heat of having to explain that they’re not a protected provider or that the protection they offer is inadequate.

So what is the true size of a DDoS attack and the cost of protecting against it? Here at Black Lotus only a few hundred dollars will be enough to stop a 1 Gbps or 500,000 packet per second attack (compare to $1500 to $11,000 elsewhere).  This is where a typical sales conversation may spin into, “Only 1 Gbps? I need more, my provider says i’m receiving 10 Gbps.” In the real world attacks of this size cost five to six figures to mitigate and generally cause severe disruptions across the internet that would have the global network engineering communities up in arms and at the ready. People on NANOG would be talking about it.

“Respectfully sir, I don’t believe you are,” we may reply. Why? It has been our experience in the past six years of focusing on DDoS protection that relatively few attacks burst past 1 Gbps. A typical attack against 99% of web sites might top out at 200 – 300 Mbps. Once in a blue moon a customer will make enemies with some seriously dangerous persons resulting in a 1 – 3 Gbps attack. We even had a potential customer just the other day claim one of our competitors was stopping these phantom 10 – 20 Gbps attacks on a routine basis at $250.00 per month. I wish they were, I really do that way I could just buy service from them and resell it instead of investing thousands into our own infrastructure and human capital.

At the end of the day if a provider tries to tell you that you need more than a couple Gbps of protection or that they’re going to sell you 10 – 20 Gbps of protection at something less than four to six figures then we will leave you with this: You’re probably the victim of a scam.

February 10, 2009

DDoS protection price gouging

Filed under: Industry Talk — admin @ 1:12 pm

For the better part of five years now there has been a serious epidemic of price gouging in the DDoS protection industry. If you’re a business person you might ask, “Why not?”, those needing to save their business from attackers may be willing to pay just about anything and unfortunately this has proven to be true when you look at the numerous businesses still using and recommending our competition.

There are many DDoS protection outfits in town today but we want to focus on a couple of our most prominent and capable competitors:


Prolexic




Perhaps one of the better known providers in the industry Prolexic’s pricing has long been somewhat of a secret. A quick scan of their DNS servers reveals that much of their business is casino, e-currency, and other high revenue sites. Perhaps a great solution for a company that may have “Unlimited Free Money” (trademark pending) but this does not work for the average Joe.

Verdict: You’re not getting through the door with Prolexic for less than $6500.00 per month with a $8500.00 setup.

Source: Looks like one of their customers left a price proposal laying around:  http://paradigmascension.org/PRO-intro_bro3-July2007.pdf (if this link ends up breaking ask us for a copy by contacting admin@blacklotus.net )


Gigenet




There was a time when Gigenet used to provide very affordable services but those times are over. In recent years they’ve begun charging thousands of dollars for protection that you could easily perform yourself on a dedicated server with a 100 Mbps FE and a little bit of elbow grease.  Infact, their $1299.00 per month product will only afford you 20 Mbps of protection. We’re still not even sure what kind of DDoS attack they think they’re going to protect against at 20 Mbps or why their customers do not realize the extreme level of proverbial highway robbery that’s taking place here.

Verdict: 1 Gbps of protection will cost you a whopping $10,999.00 per month. Last year Derek Raines at Gigenet also gave us a quote for a very similar $10,000.00 per month for the same product when we were shopping for alternate solutions for one of our customers. You’ll see in the WebHostingTalk thread listed below that their management is now trying to backpeddle and say that the prices vary. Okay, but not by much from the looks of it.

Source: They’ve begun advertising this pricing right on their web site at http://www.gigenet.com/hosting-solutions/ddos-protection.html . Guess they grew tired of responding to customers thought they might be able to attain decent pricing.  Here is a member of their staff confirming that the prices are “generalized:” http://www.webhostingtalk.com/showpost.php?p=5549638&postcount=16


Black Lotus DDoS Protection




With our product you’re not going to run into price gouging. We’ve always been “First and Leading” in high value, low cost services. In fact, in January 2009 we revamped our price structure to include a baseline 1 Gbps of protection with our entire BLCC Elite product line.

Verdict: Our Elite services will only set you back a few hundred to get in the door while our Mitigation Critical service level, the highest in the industry, starts at a very cool $2500.00 per month with a fully refundable setup fee! A voluntary contract can bring this down another 25% while other providers may require one!

Source: Check out http://www.blacklotus.net/protection . Contact us at sales@blacklotus.net and let us show you the cost savings!