Ethernet Switching
Highlighted
Ethernet Switching

ex4200 and sflow for attack mitigating ?

‎12-17-2019 08:49 PM

Hello,

we have many EX4200 and we want to run a fastnetmon and set all switches send sflow to the fastnetmon so we can detect the attack and blackhole it,

but i read that ex4200 has limitation of 300 packets/second and its not configurable, so i want to knwo is this limitation ok for attack mitigation ? can this handle all packets and show us correct results/

thank you.

1 REPLY 1
Highlighted
Ethernet Switching

Re: ex4200 and sflow for attack mitigating ?

‎12-17-2019 10:26 PM
Hi blackmetal,

Yes EX4200 can be configured for sflow and it will help with sampling packets. Yes there's a recommendation of 300pps as the most aggressive configuration here: https://www.juniper.net/documentation/en_US/junos/topics/example/sflow-configuring-ex-series.html

Hope this helps.

Regards,
-r.

--------------------------------------------------

If this solves your problem, please mark this post as "Accepted Solution."
Kudos are always appreciated :).
Feedback