DDoS Protection Best Practices

February 16, 2016 02:00 PM

Wondering how to prevent DDoS attacks? Here we provide a set of DDoS protection best practices for organizations to follow when strategizing a DDoS attack defense plan.


Before an Attack - What to Consider When Implementing a DDoS Protection Solution

  1. Recognize that no organization is safe. It’s not about if you will be attacked but when.
  2. Identify your risks and security needs. The best DDoS protection solution is a good offense.
  3. Implement DDoS detection tools from the same vendor. If you implement detection tools from different vendors, make sure they are able to communicate with one another and share relevant information to ensure optimal detection.
  4. Make sure detection tools are optimally located. Remember, you can only protect against what you can detect.
  5. Integrate your best DDoS protection and security strategy into your organization’s policies and procedures.
  6. Prepare staff and assign them specifically defined roles and responsibilities for preventing DDoS attacks when your organization is faced with a DDoS attack.
  7. Perform ongoing tests and evaluations of your systems and of new technologies available in the marketplace. Verify whether your organization can benefit from an out-of-path implementation of some detection tools, and evaluate implementation of a hybrid DDoS protection solution to protect and prevent your organization during DDoS attacks that saturate the Internet pipe.
  8. Make sure your staff knows the DDoS attack do’s and don’ts. Create and circulate a list of people to contact when under attack. If a public website is at risk of going down, prepare an explanation and apology for users.

During a DDoS Attack - How to Minimize Damage and Interference to Business

  1. Stay calm. Manage the DDoS attack. Take control.
  2. Contact the in-house and/or vendor’s Emergency Response Team to make sure the best DDoS protection practices are carried out. If you depend on an ISP vendor, contact them now.
  3. Identify the detection point, attack type, and DDoS attack tool used, and then decide on the best DDoS protection and mitigation service.
  4. Transfer traffic to the cloud scrubbing center unless you are close to pipe saturation.
  5. Document every step of the process.
  6. Reassure your customers. Have a spokesperson ready to provide information to your customers during the attack using blog posts, Twitter, press releases, and the like.

After an Attack - What You Can Learn from the DDoS Attack

  1. Perform a damage control analysis and review reports and forensics. Learn what went wrong so you can better prepare and prevent DDoS attacks in the future. Leave no stone unturned.
  2. Optimize your security architecture to help prevent DDoS attacks in the future. Make sure you analyze and evaluate every aspect of the DDoS attack. Adapt technologies, policies, and solution strategies accordingly.
  3. Manage PR. Provide customers and press with relevant details. Consider implementing a marketing campaign to win back the hearts of disappointed customers.
  4. Make sure your forensics information and DDoS attack reports are available in case they are needed to support a law enforcement investigation.

Summary of Cyber-Attack and DDoS Prevention Best Practices

  • Ensure the deployed solution provides the best DDoS protection available, along with the shortest time to mitigate. Time is of the essence.
  • Fill in the holes. DDoS mitigation solutions need to offer wide attack coverage that can detect multi-vector attacks that hit different layers of the infrastructure.
  • Use multiple layers. Resolve the issues of single-point solutions with top cloud-based protection that blocks volumetric attacks along with an on-premise solution that blocks other, nonvolumetric attacks.
  • Mitigate SSL attacks, which remain a major threat. Deploy SSL-based DoS/DDoS mitigation solutions that do not affect legitimate traffic performance.
  • Work with a single point of contact. In the event of an attack, this person can help prevent the DDoS attack by diverting Internet traffic and deploy the right quick-turnaround DDoS mitigation solutions.

While no strategy is foolproof, organizations can go a long way toward preventing DDoS attacks and mitigating the short- and long-term damage caused by DDoS attacks by choosing the right vendor with the best DDoS protection solutions for their security needs, implementing a hybrid DDoS protection solution that provides ample coverage, analyzing real-time and post-DDoS attack data, verifying vendor DDoS attack support levels, and understanding key regulatory initiatives. To understand how Radware's attack mitigation solutions can better protect and prevent DDoS attacks against your network contact us today.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center