Monday, August 8, 2011

Understanding Setup Rates on your DDoS Mitigation Appliance

Within the DDoS appliance space, particularly for appliances that do DPI or session handling, it is very important to understand how setup rates come into play.
Every appliance, be it a DPI appliance, a session-based proxy appliance or just a plain Layer 2/3 filtering device, has to look at traffic at very high speeds.
Each appliance has what is called a “connection setup rate”, typically quoted as X many connections/second.

Nomenclature varies with each OEM. Some call it the ‘setup rate’, others ‘session setup rate’ and some even call it ‘Layer 4/7 Rate Handling’.
In the small mitigation appliance market (100Mbps-1,000Mbps), it varies from 10,000 connections/second to a decent 25,000-30,000 connections per second.
If you opt for higher-bandwidth appliances (multiple 1G or 10G connections), the setup rates that come into play start out at about 50,000 connections per second and go as high as 250,000 connections/second.
If your appliance cannot keep up with the session setup rate, well, denial of service will happen.
Service providers are very much concerned with the setup rate. Either way, the setup rate is a very important component. Don’t be fooled by the rate quoted for SYN floods, which is typically 10x higher than the session setup rate. Some OEMs even obfuscate this information in their specification sheets.
In the DDoS attack space, setup rate is a very important component, so be sure to ask your solution provider what setup rate the appliance is rated for.
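To make the difference between the two spec-sheet numbers concrete, here is an added example (not from the original post or any vendor) that takes connection-event log lines, finds the busiest second for SYNs and for completed sessions separately, and checks each against its own rating. The `epoch event` log format, the function names, the sample counts and the 70% headroom threshold are all assumptions made for the illustration.

```python
from collections import Counter

def per_second_peaks(lines):
    """Map each event type to (peak count in any one second, that second)."""
    buckets = {}
    for line in lines:
        parts = line.split()
        if len(parts) < 2:
            continue  # blank or truncated line
        try:
            second = int(float(parts[0]))
        except ValueError:
            continue  # timestamp is not numeric
        buckets.setdefault(parts[1], Counter())[second] += 1
    return {ev: max((n, s) for s, n in c.items()) for ev, c in buckets.items()}

def assess(lines, rated_setup_cps, rated_syn_cps, max_util=0.7):
    """Compare peak completed sessions (EST) and peak SYNs to their own ratings."""
    peaks = per_second_peaks(lines)
    report = {}
    for event, rated in (("EST", rated_setup_cps), ("SYN", rated_syn_cps)):
        peak, second = peaks.get(event, (0, None))
        util = peak / rated
        report[event] = {"peak": peak, "second": second,
                         "utilisation": round(util, 2),
                         "over_budget": util > max_util}
    return report

def constructed_sample():
    """Constructed data: second -> (SYNs seen, handshakes completed)."""
    counts = {1312790400: (9000, 6000),
              1312790401: (40000, 8500),
              1312790402: (15000, 7000)}
    lines = []
    for sec, (syn, est) in counts.items():
        lines += [f"{sec}.{i % 1000:03d} SYN" for i in range(syn)]
        lines += [f"{sec}.{i % 1000:03d} EST" for i in range(est)]
    return lines

if __name__ == "__main__":
    # Assumed ratings: 10,000 sessions/second, and a SYN figure 10x that.
    for event, row in assess(constructed_sample(), 10_000, 100_000).items():
        print(event, row)
```

On this sample the SYN figure looks comfortable while the session setup rate is already at 85% of its rating, which is why the two numbers have to be read separately.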