In DDoS Defense, Pinpoint Precision Is Imperative

Let’s face it, in the DDoS protection world, false positive alerts are just downright frustrating.

They turn every day into a firefight against a fire that doesn’t actually exist. They waste time. They waste resources. And they test your patience.

But when you get an alert, you have to look into it, right? Sure, it could be a boy-who-cried-wolf scenario, but you can’t be certain. You don’t want that one alert to which you don’t respond to be the one that’s real.

But how do you effectively and efficiently weed out the noise of false positives so you can only focus on true positives? How can you separate legitimate traffic from actual attack traffic? And how do you ensure your DDoS solution is accurately detecting anomalies so your phone and email aren’t blowing up with bogus alerts day in, day out?

You need a DDoS solution that examines a wide range of behavioral indicators and can apply escalating protocol challenges to surgically identify attackers from valid users. Your solution must also learn peacetime network conditions, which enables precise stateful and stateless detection of anomalies.

Why?

This helps ensure you can scale to mitigate complex application attacks, like HTTP and DNS attacks, and that suspect traffic is escalated through tough countermeasures to minimize legitimate traffic drops.

For the SecOps teams, that means event-triggered scripts and alerts only occur when a true threat is detected, boosting agility, reducing time to resolution and, perhaps more importantly, alleviating the headaches created by false positives.

A10 Thunder TPS tracks 27 traffic and behavioral indicators to ensure anomalies are uncovered quickly and accurately, and that you aren’t plagued with false positives. In the DDoS  protection world, our 27 behavior indicators is several orders of magnitude more than the competition. One of the largest DDoS providers largely depends on monitoring two indicators – BPS and PPS – meaning their ability to monitor and analyze threats is less accurate and results in more false positives and negative alerts.

Twenty-seven behavior indicators is just one data point that separates Thunder TPS from the pack. For example, Thunder TPS delivers the industry’s best attack throughput of up to 300 Gbps at a rate of 440 Mpps; it provides unrivaled 100ms mitigation intervals; and protects 60 attack vectors built into the FPGA hardware for greater performance and scale.

A10 Thunder TPS is also backed by 24/7 DDoS attack support from the A10 DDoS Security Incident Response Team (DSIRT), which is included with A10 Support.

Think of how much easier life would be if you received a fraction of the number of false positives you receive today, while still having the confidence that your network and applications are protected by industry-leading DDoS defense that delivers the best scale and performance on the market.

Thunder TPS frees you to focus on true positives. And in the world of DDoS protection, the truth will set you free.

For more on A10 Thunder TPS, download our data sheet.

Add new comment