Does Your DDoS Protection Solution Defend Against the Latest Attacks? 


Last year 86% of enterprises were impacted by a DDoS attack (Radware annual security report). This means 86% of businesses suffered outages that at a minimum impacted their employees and, in the worst case, impacted their customer experience and revenue. There’s no room for mistakes when choosing your security technology and approach. Enterprises need to ensure that the selected vendor is capable of defending their networks and applications from the latest DDoS burst and multi-vector attacks.

What happens to businesses without the right protection?    

Here’s an example. An APAC bank became the latest target of a DDoS attack campaign which began in early September. The attacks initially impacted the bank’s primary service provider. Although the bank deployed Akamai’s Cloud DDoS protection service a few days before the attack, this service was not able to identify and mitigate all bad traffic. Bad traffic “leaked” from the Akamai solution, impacting the bank’s Check Point firewalls and causing additional service outages. Unfortunately for the bank, these outages captured public attention.

The bank’s IT team initially thought they could handle the DDoS attacks with their existing solutions. However, after further unsuccessful mitigation attempts and damaging news stories, the bank’s management called a meeting between their IT team, Cisco and Radware to architect a solution.


SOLUTION 

The team recommended Radware’s on-premise DDoS device to provide enhanced protection from the latest attack vectors which the Akamai service couldn’t handle.   

In mid-September the first appliance was deployed inline, initially in Report mode. Ten days later, the bank IT team needed assistance with a large volumetric UDP/TCP flood attack, with burst characteristics, against its VPN. The Akamai Cloud DDoS solution handled up to 100 Gbps of the attack but “leaked” another 2-2.5 Gbps of bad traffic, causing remote connectivity issues and disruption to the bank’s operations. The attack traffic leaks continued until Akamai initiated blacklists for the bad traffic.

Figure 1. Attack traffic leaks from Akamai Cloud DDoS solution halted by blacklisting 


The DDoS protection appliance in Report mode immediately identified attack vectors the Akamai service was not able to identify and mitigate, including UDP FRAG and ICMP/UDP/DNS reflection attacks. Radware’s DDoS solution offers protection against advanced DDoS attacks, including Burst attacks, low and slow attacks, UDP fragmentation and SYN Floods, that cloud scrubbing services are unable to provide.  Cloud services, by definition, look only at inbound (ingress) traffic; they are unable to protect against attack vectors which require two-way visibility into traffic.  

Once the Radware team performed a thorough traffic analysis to ensure there were no false positives and moved policies from Report to Block mode, the bank was fully protected. The bank appreciated the ability of Radware’s technology to identify and defend against attacks. Since the incident, Radware’s DDoS protection appliance has been installed in all of the bank’s data centers. The bank has not suffered any additional outages and now enjoys the benefits of Radware’s DDoS protection.

For additional information, see the bank case study here.

Questions to Ask In Order to Evaluate Security Vendor Capabilities 

When evaluating security solutions, make sure to ask the vendors whose products you’re evaluating the following questions:

 

 

  1. Can you ensure business continuity under attack?
  2. What attacks does your solution defend against?
  3. Do you use behavioral learning algorithms to establish ‘legitimate’ traffic patterns?
  4. How do you distinguish between good and bad traffic?

Debra Price

Debra is a Solutions Marketing Manager at Radware, managing the analyst relations, competitive intelligence and solutions marketing programs. She began her security career in 1999 as a product manager at AT&T, uniting cross-functional teams to produce and sell services including encryption, threat management, email and web security, and IoT security. She obtained her Certified Information Systems Security Professional (CISSP) certification in June 2004 (Member ID 58719) through the International Information Systems Security Certification Consortium (ISC)2. Debra shares her security knowledge through the (ISC)2 Safe and Secure On-Line program by giving talks to adults and children about proper Internet use.
