Cyberwarfare Intelligence Against the most Powerful Cyber Weapon: DDoS Attacks


12 February 2013 · 14:57
Issue 40
News

DDoS (Distributed Denial of Service) attacks have evolved over the last 10 years, becoming a more sophisticated and significant threat to critical public-facing web operations. Ultimately, the perpetrators’ motivations are more alarming for a wide range of organizations, including online money-making operations, critical public infrastructures, military networks, enterprise networks, e-government operations and agencies. Any organization that conducts online business or has distinctive investments in its online brand and reputation is a potential target. While many organizations are highly concerned about the DDoS threat, few have specific tools for detecting and defeating the attacks completely. Despite popular belief, the traditional stand-alone measures implemented within most organizations, such as Firewall/IPS systems and reliance on Internet Service Providers (ISP) or cloud scrubbing centers, are insufficient to detect and mitigate today’s highly sophisticated attacks.

Winner Solution = A Dedicated Appliance + Security Intelligence

As the sophistication of DDoS attacks increases day by day, the intelligence level of detection and defence systems gains importance in protecting against these cyber weapons. The three main features of DDoS attacks are frequency, size and complexity. Since the frequency can be controlled only by the attackers, DDoS protection solutions focus on the remaining two challenging attack features: size and complexity. The best solutions to the size issue are bandwidth overprovisioning and service providers’ traditional protection tools, which ignore sophisticated application-level (Layer 7) attacks. Looking deeper at the size issue, research shows that 75% of DDoS attacks are "LOW AND SLOW ATTACKS" with under 1 Gbps of attack traffic, which is enough to bring your web infrastructure down. To avoid the devastating results of DDoS attacks, there needs to be a dedicated appliance that is capable of detecting and mitigating a wide variety of DDoS attacks, including TCP, UDP, HTTP, ICMP, SMTP, VOIP and application-level specific attacks.

DDoS Mitigator’s DDI™ (Deep DDoS Inspection) Technology is designed to be your intelligent shield against DDoS attacks with Advanced Persistent Threat (APT) capabilities. With its best-of-breed anomaly engine, which uses heuristic and non-heuristic algorithms supported by 34+ data sensors and an innovative proportions feature based on historical data collections and timely averages, unpredictable DDoS traffic can be detected in real time for cleaning.

In addition to state-of-the-art defence functions that provide high-level protection to your web and DNS infrastructure through normalization, protection and protocol-specific security tools, preemptive defence functions are continually active day and night. The DDoS Mitigators all around the world create a wide security intelligence network that you can access in real time, which is one of the key differentiators.

Success comes with cooperation when DDoS is the issue. DDoS Mitigator Appliances come with global 7/24/365 monitoring, technical support and CERT (Computer Emergency Response Team) services based on human intelligence and experience.

COMMON MISCONCEPTIONS on DDOS DEFENCE

* "It’s better to fully outsource the DDoS protection job."

The reality: DDoS attacks are the latest warfare tools of the cyber world.

Whether you’re an organization in the military sector or a medium-sized enterprise, outsourcing IT security, especially DDoS protection, always carries a high risk. Considering that cyberattacks today are used or backed by governments, directing your internet or web traffic to cloud data centers located in other countries does not sound like a secure solution to rely on.

* "There are Firewall and IPS appliances in my network. So, I’m safe."

You’re not safe. Actually, you’re already a part of the problem. Since a DDoS attack works by overloading, the inline appliances that you trust, such as a Firewall or IPS with limited processing performance and a limited number of concurrent sessions, will become the bottleneck. You need a dedicated DDoS appliance solution to stop DDoS attacks before they reach the interior network appliances.

* "Cloud or ISP Scrubbing Centers can protect my web infrastructure."

The protection services that scrubbing centers provide can handle less sophisticated and volumetric attacks with the help of traditional rate-limiting/threshold methods. In addition, the total cost of ownership of those solutions is high compared with functionally similar on-premise solutions. For more sophisticated and non-volumetric application-layer (L7) DDoS attacks, these solutions are insufficient.

As a second weak spot, they can’t provide any protection against the risk of zombies in your network that are managed to conduct DDoS attacks by occupying and overloading your bandwidth.

About Labris Technology (www.labris.eu)

Since 2001, Labris Technology has been an R&D-focused and rapidly growing provider of network security solutions through its globally proven products. Labris® ensures ultimate network security through its extensive product line, including Firewall/VPN, Web Security, E-Mail Security, Lawful Interception and Availability Protection solutions on LBRUTM, LBRLOG and Labris® DDoS Mitigation appliances. Next-generation solutions are developed to detect and identify all kinds of real-time threats and applications, providing a smart shield against intrusions, viruses, spam, malware and availability attacks.

Labris®, with its worldwide partners, is committed to the highest levels of customer satisfaction and loyalty, providing the best after-sales support through its multilingual Global Support Center. As one of the Common Criteria EAL4+ certified security gateway brands in the world, Labris® products protect enterprises, brands, government entities, service providers and mission-critical infrastructures in over 20 countries.

Defence Turkey