FastNetMon and F5 Distributed Cloud (XC): An enhanced DDoS strategy.
In the world of DDoS, the more help seems to be the better when trying to thwart attacks. F5 recently partnered with FastNetMon to provide that extra help for those that want to use their own detection mechanisms but use cloud scrubbing for mitigations.
So who IS FastNetMon?
Founded in 2016, they focus on developing scalable DDoS detection and mitigation software that can run on any network. FastNetMon has a presence in 134 countries, which is impressive given their humble beginnings in the open-source community. They believe every business needs DDoS protection and, like F5, pride themselves on helping protect businesses against the - not if but when - inevitable DDoS attack(s).
FastNetMon offers a variety of ways to deploy at the customer edge, from containers to virtual machines. FastNetMon specializes in developing scalable DDoS detection and mitigation software. Using the same scripting modeling that was previously used for <legacy> Silverline, F5 has recently enlisted FastNetMon again, but this time for Distributed Cloud (XC).
What is the partnership all about?
In a nutshell, FastNetMon created an integration where upon detecting a DDoS attack, could announce the targeted /24 prefix to the Distributed Cloud scrubbing centers but also could withdraw that same route using an F5 XC API. The benefits of this integration are many, including completely automated logic to rapidly detect, announce, and withdrawal the attacked prefix.
In order for this to work, two things to note. An API service credential needs to be created and permissions need to be set within the tenant for FastNetMon to operate.