What TCP port is under attack? If it's port 80 then I would suggest signing up for a service like Cloudflare.
The services that are targeted aren't http based unfortunately, so couldflare isn't an option. Our total connectivity is 20 gigabits, so ideally we would like to pass any traffic we recieve to our core layer, which can apply traffic ACLs at line rate. Really, I just want the CCRs to be able to forward all the packets it receives, including these bogus syn packets, so they don't fall over and lock up the rest of the legitimate traffic coming in.