DDoS Defense: Is Your Network Protected?
Distributed denial of service (DDoS) attacks are growing in both size and sophistication. Just last month, a pair of high-profile DDoS attacks reached more than 600 Gbps and 1 Tbps, respectively, ranking among the largest DDoS attacks on record. And their ferocity is only expected to trend upward.
DDoS attacks don’t discriminate. Mom-and-pop shops, enterprises, service providers and businesses of all types and sizes can find themselves in a threat actor’s DDoS crosshairs.
According to an A10 Networks IDG Connect report, everyone is a target, but some types of businesses come under fire more frequently. Entertainment and gambling are targeted the most, with 33 percent of DDoS attacks aimed at that industry, followed by advertising media and Web content (28 percent), and traditional and online retail (22 percent).
The DDoS effect
And while the financial impact of a DDoS attacks varies, the hard truth is: DDoS attacks are costing companies money. Lots of it.
A recent Ponemon Institute study revealed that between 2011 and 2016, the costs associated with a DDoS attack swelled by 31 percent, with some larger attacks exceeding $2 million due to lost revenue, business disruption and other hard costs. Brand and reputation damage, however, are largely immeasurable, but can also have a catastrophic lasting effect not easily broken down into dollars and cents.
At the same time, the number of DDoS attacks increased 75 percent year over year, according to the Verisign DDoS Trends Report for the second quarter of 2016.
The IDG Connect report found the average company suffers 15 DDoS attacks per year (some averaging as many as 25 DDoS attacks annually), and the average attack causes at least 17 hours of disruption, whether that’s downtime, latency, denied customer access or crashes. That’s 255 hours of disruption a year.
Can your business afford that?
To be properly prepared, businesses must brace for the worst-case scenario. But how do you prevent something that you don’t know when or if it’s coming? Here are four steps to help ensure your network can stare down and stand up to a DDoS attack:
- Be proactive, not reactive. Don’t wait for a major crash. You may already be experiencing attacks with slowed or blocked customer access, which can result in lost sales or dissatisfied customers.
- Beware of the “world of denial.” Ask tough questions. What do your customer satisfaction metrics reveal? Do you see indicators of lost sales? What’s the real cost of service restoration?
- Hope for the best, but prepare for the worst. Invest in sufficient DDoS protection and mitigation solutions early, before a major attack strikes.
- Defend against all vectors. Consider dedicated multi-vector DDoS protection using in-path mitigation, coupled with integrated threat intelligence, for the best accuracy. Include hybrid protection with a cloud-bursting service as an extra precaution to combat volumetric attacks.
A10 Thunder TPS
To help your organization combat DDoS attacks at the network edge, A10 Networks today expands its family of Thunder TPS (Threat Protection System) solutions, designed to easily integrate into your networks and your security architecture to keep DDoS attacks out and to keep your network and applications running uninterrupted.
A10 Thunder TPS is your first line of defense against DDoS attacks. It detects and mitigates DDoS attacks at the network edge, blocking multi-vector DDoS attacks before they happen.
Today, we add new options to the Thunder TPS lineup:
- The indomitable A10 Thunder 14045 TPS, which delivers massive scale and clocks in as the fastest box on the market with 300 Gbps of mitigation throughput capacity, or 2.4 Tbps in a cluster. It’s perfect for service providers, large websites and gaming platforms.
- The small and mighty A10 Thunder 840 TPS, a turnkey solution that gives enterprises and remote sites 2 Gbps performance.
- The virtual edition, A10 vThunder TPS, delivers 1, 2 and 5 Gbps and is available on VMware ESXi and Microsoft Hyper-V hypervisors.
Along with the new boxes, we’re delivering enhanced support from the A10 DDoS Security Incident Response Team (DSIRT), which delivers 24x7 on-demand assistance from our team of DDoS mitigation experts to help stop attacks and restore service. TPS customers also receive a subscription to the A10 Threat Intelligence Service, which leverages collective intelligence to block known bad actors and the platform is proactively updated with the latest threat vector information to ensure protection from the latest threats.
With A10 Thunder TPS, you can get predictable protection for unpredictable events. TPS is part of a defense-in-depth approach that ensures your networks and applications are protected from security threats, like DDoS.
For more on surviving DDoS attacks, check out our complimentary white paper, “The DDoS Factor: Costs, Facts & Insight into 2017’s Most Advanced Cyberattack Vector.” And for information about how A10 Thunder TPS can detect and mitigate DDoS attacks against your organization, please contact one of our cyber security experts.