How Defense Messaging Can Speed up Time to Mitigate DDoS Attacks

January 5, 2016 02:00 PM

One of the primary capabilities to consider when evaluating DDoS mitigation services is time to mitigate. Specifically, how quickly can effective DDoS attack mitigation be enabled once a DDoS attack is detected? The immediacy of DDoS mitigation is important for one very obvious reason: downtime costs companies money and many modern attacks create immediate downtime when they hit. The faster a DDoS attack can be mitigated, the faster the site is back up and the less financial impact to the company.

Another reason DDoS mitigation immediacy is important is that an increasing number of DDoS attacks stay below the threshold of detection and exhaust very specific resources within a network. For these attacks, on-premise attack detection and DDoS attack mitigation solutions provide the best DDoS protection. Then when combined with cloud-based protection for large DDoS attacks, often called hybrid protection, companies have the ideal architecture to protect against sophisticated multi-vector attacks.

But not all hybrid DDoS mitigation solutions, both on-premise and cloud resources, are created equal in terms of time to mitigate capabilities. More advanced hybrid DDoS mitigation solutions feature Defense Messaging, a sharing of key information between the resources on-premise and in the cloud. Providing an automated exchange of information such as normal traffic patterns, attack traffic patterns, pipe saturation levels, and attack footprint, can significantly improve the efficiency of DDoS attack mitigation when traffic is rerouted to the cloud.

Another recent dynamic with cyber-security attacks is the combination of DDoS and non-DDoS attack vectors. While DDoS attacks tend to dominate the headlines, statistics show that they make up around 25% of attacks, but the combination of Cross-Site Scripting (XSS) and SQL injection together exceed this percentage. These types of attacks are typically mitigated using a Web Application Firewall, which looks for attacks against application logic. For an added level of sophistication in DDoS attack mitigation, look for capabilities which enable defense messaging across DDoS protection devices, both on-premise and cloud, and web application firewall (WAF) technologies.

Be wary and thoroughly explore vendor claims of time to mitigate. Some vendors may quote statistics related to the time their product takes to initiate the first mitigation tactic, but might not include the time required to determine the ideal DDoS mitigation tactics for a given attack. This will vary by vendor, but should be considered when assessing time to mitigate capabilities.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center