DDoS Defense Deployments: Proactive Mode vs. Reactive Mode
Choosing whether you deploy DDoS defense in reactive mode or proactive mode depends on your goals as a business.
In the video above, A10 Networks’ Don Shin breaks down the differences between deploying DDoS defense in proactive mode and reactive mode.
Proactive mode delivers the highest resolution detection capabilities. It’s commonly used for real-time apps like voice, video and gaming. With proactive mode, detection is on all the time and you have an inline tool with 100 percent visibility through packet analysis.
Reactive mode leverages the flow data available from edge routers and switches and analyze meta data to detect anomalies. From there, you mitigate when you’ve detected a DDoS attack. With reactive mode, you can over-subscribe mitigation and mount a defense that is more cost-effective, but you sacrifice real-time response.
A10 Thunder® Threat Protection System (TPS™) supports both proactive mode and reactive mode deployments TPS supports proactive mode deployments through real-time, surgical attack mitigation that leverages tracking 27-plus different types of behavioral indicators. And for reactive mode DDoS defense, A10 partners with industry leading companies that take fresh new approaches to flow analysis using virtualization and cloud, which delivers stronger protection than legacy DDoS defense systems that are struggling to keep up with modern, sophisticated DDoS of Things attacks.
Read more about A10 Thunder TPS in this data sheet.