i just want to open a discussion around the evolving of filtering malicious traffic and how to drop or minimize the traffic inside your network before it breaks out.
ive been doing some research around this topic and not getting any solid solution. we are basically getting blacklist everyday where we have to allocate a new public src nat ip for breakout.
this is influencing our services that we provide to our customers as an isp.
im really open for discussion on how we can go forward in not being blocked so many times.