For a hospital network, how important do you see WAF / DDoS protection services?
Most of our services are 'internal', not published to internets but to our users connected via private MPLS or fiber connections. However we have some portals and services that people use over the internet. We're trying to figure out if we should go with F5 BIG-IP and have the WAF / DDoS features, or if we could live with haproxy or similar OSS products.
We have lots of services where the app is bought from an external consulting company. They install it, and it runs. However we're not sure (in the networking team) if the app is ever updated.
Do you think we should get the protection services, or any ideas or experiences regarding this? It is of course always about the money :) And as we've never had problems, customers are not really interested in paying more for the service...
We have our own IP address blocks we could advertise via DDoS scrubbing service and just get the clean traffic in.
Thanks for any ideas!
No comments:
Post a Comment