Skip to main content Skip to search
Blog

Data-Driven DDoS Protection Decision Making

The unrelenting wave of multi-vector DDoS attacks has blossomed into a full-fledged systemic problem for organization of all sizes. And it shows no signs of slowing.

To calm the mounting concern over inadequate multi-vector DDoS protection and defense capacity, organizations find themselves tapping already strapped budgets to increase spending on DDoS detection and mitigation. In fact, 74 percent of respondents to a recent A10 Networks-commissioned IDG Connect survey specifically mention multi-vector attacks as the reason they plan to increase spending on DDoS protection in the next six months.

Industry statistics echo that attitude: DDoS protection is the fastest growing sector in the cybersecurity market, and it’s expected to maintain that status through 2021.

That is great news for the A10 Networks and the other members of the DDoS defense vendor community, but it presents unique challenges for you as you wade through data sheets with speeds and feeds to find the solution that’s the best fit for your organization.

The DDoS Protection Decision Crossroads

Making a purchasing decision is hard enough as it is. And when the stakes are high, the difficulty of that decision mounts exponentially. That’s the intersection where large enterprises and service providers stand today: How do you build an affordable and effective defense strategy for today while planning for it to double or triple every year?

We see familiar responses from business decision makers when you find yourself at this crossroads. Here’s the two-step process:

  • Step 1 – Contact your legacy vendor. This is a normal response for companies, because leveraging sunk costs and expanding from there seems to be the prudent approach. That perceived prudence is often short-lived, however, and gives way to panic as the enormous quote causes sticker shock. Next comes the realization that the current path may be unsustainable.
  • Step 2 – The search begins. You realize you need to find better ways to ensure you’re investing in solutions that are more effective and scalable, and that make sounder economic sense, all while ensuring future protection.

Changing vendors is hard, but in many cases using modern approaches can save money in the long run and even in the near term. What you need is data. Vendors like A10 Networks create data sheet, app notes and use cases to help you understand our individual solutions’ capabilities. But there are limits to what these documents can tell you about how solutions will behave in real-world scenarios and how they will protect your one of a kind infrastructure.

Putting Thunder TPS to the Test

IXIA tested logoA10 Networks contacted Ixia, the industry’s leading application and security testing platform company, for quantifiable data on DDoS defense effectiveness at scale while under real-world multi-vector DDoS attacks. The result is a vendor neutral methodology to help you make more informed, data-driven DDoS defense decisions.

Using the Ixia BreakingPoint security testing platform and Ixia’s testing methodology, Ixia ran Thunder 14045 TPS through a battery of tests. They examined how it responds to 15 individual attack strategies and while it’s under a 310 Gbps simultaneous multi-vector attack.

They took special care to monitor legitimate user workloads to observe if any collateral damage was inflected during the attack. After all, isn’t that the point of DDoS defenses; to protect the availability of legitimate users?

We used the results to create a detailed report that gives you insight into Thunder TPS’s capabilities under real-world attack traffic.

Here’s a glimpse at some of the results:

  • Thunder TPS successfully defended more than 310 Gbps of attack and legitimate user traffic
  • Thunder TPS’s average CPU utilization was less than 60 percent average while under full attack
  • Thunder TPS detected and mitigated all 15 attack vectors
  • There was no interruption to legitimate user traffic during the attack

Read A10’s full results and the Ixia methodology in the “Testing DDoS Defense Effectiveness at 300 Gbps Scale and Beyond” report to find out how Thunder TPS 14045 performed under a wave of crushing multi-vector DDoS attacks applied by Ixia BreakingPoint.

To learn more about A10 Thunder TPS, download our data sheet.

 

Categories:


Donald Shin
|
October 16, 2017

Don has over 15 years of experience in the Networking and Security industries. Prior to A10, Don work in a variety of roles in R&D, product management, and… Read More