RTBH
Block Type Response Integration
Prior to creating a RTBH plugin, you will need to configure at least 1 device with a unicast BGP neighbor.
Usage
The Remotely Triggered Black Hole (RTBH) block type response integration enables the quick isolation and nullification of malicious traffic. It operates by directing unwanted traffic into a "black hole," effectively protecting the network from potential threats such as denial-of-service (DoS) attacks.
Integrated with Netography's analytics, monitoring, compliance, and reporting tools, RTBH serves as a scalable, cost-effective, and robust solution for maintaining network integrity and security.
Netography Portal Steps
Navigate to Integrations (make sure you are on the Response tab) and click "Add Integration", then select RTBH
Configuration
The following fields are specific to the RTBH integration.
| Field | Required | Description | Examples |
|---|---|---|---|
Next Hop | yes | 12.12.12.12 | |
Neighbors | yes | IPv4/v6 unicast BGP neighbors configured in the Netography Portal. | |
Communities | yes | One or many BGP communities. | 3232:32 |
Local Preference | yes | Used to choose the exit path for an autonomous system. Default 100 | 100 |
Factors | yes | srcip | |
Expiration | Number of seconds the blocklist will remain active | 3600 | |
Max | Limit on number of blocks | 1000 | |
Allow List | One or many Allow Lists configured in the Netography Portal, or a List of IP or IP/CIDR addresses | ||
Aggregate | Aggregate IP addresses by mask length |
Updated 7 months ago