Be Ready for the Next Generation of DDoS Attacks – ‘Cause They’re Coming and They’re BIG
One of the world’s foremost security conferences, RSA, was held under unusually stormy conditions in San Francisco—unintentionally showing just why security is important. Weird things take us by surprise, right? And so it goes with DDoS attacks too.
The question with DDoS attacks—like the rain—is not IF they’re coming, but WHEN. And WHEN they affect your business, how BIG will the impact be?
It’s no secret that people are worried about DDoS attacks—that’s one of the top security concerns in 2014. They can tarnish brand reputation, impact revenue, and result in unplanned recovery costs—which can affect your job and future work.
So how can you mitigate the impact of DDoS attacks to business? Paul Nicholson, Director of Product Marketing at A10 Networks, addressed this question and more after he was safe and dry in Moscone Center.
Network threats include volumetric attacks that consume targets’ bandwidth (for example, TCP SYN Flood, UDP Flood, and ICMP Flood), protocol attacks that are targeted high rate protocol attacks to exhaust specific resources (for example, Ping of Death, LAND attack, and DNS Amplification attack), resource attacks that exhaust resources by using traffic that seems legitimate (for example, Slowloris, Slow READ, and HTTP GET attacks), and application attacks that exploit vulnerabilities in the application (for example, SQL Injection and cross-site scripting).
And what are some considerations for effective DDoS mitigation? For volumetric attacks—scale with attack capacity growth. For protocol attacks—use high-speed packet and protocol integrity check and precise threat lookup for burst attack. For resource attacks (which includes some application attacks)—advanced L4-L7 intelligence and DPI, plus high processing capacity.
What are A10 Networks solutions? They’re built on A10’s popular Advanced Core Operating System (ACOS)—a 64-bit multi-core optimized technology platform that provides application security, application acceleration, and application availability. ACOS can handle a lot of big problems.
Thunder Threat Protection System (TPS) is a dedicated DDoS mitigation solution for larger networks that only require DDoS protection. Covering the entire network, it has unique deployment modes and additional features. Thunder TPS gives the highest performance and affordable DDoS mitigation within the business’s own control.
Thunder Application Delivery Controller (ADC) is multi-service. It’s compact, complete, and converges DDoS, ADC, and other solutions for servers. Thunder ADC provides comprehensive application services, high consolidation, and is simple to own and operate.
Paul closed his presentation by running through several attack mitigation examples, showing functional testing with Ixia’s BreakingPoint. This illustrates that although DDoS attacks are an ongoing concern, using the appropriate mitigation solutions will help you win the fight and get under the umbrella of better security.
Thanks to Ixia for inviting A10 to give this presentation at RSA and talk to many interesting conference attendees. Look forward to continuing the conversation.