Nov 19, 2021
85 Views
0 0

How to Choose the Right DDoS Protection Solution

Written by

Newsletter
Join thousands of people who receive the latest breaking cybersecurity news every day.
The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.
The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.
Share this article:
Pankaj Gupta, Senior Director at Citrix, outlines how distributed denial of service attacks have become increasingly sophisticated, bigger and economically motivated.
Pankaj Gupta, Senior Director at Citrix
Distributed denial of service (DDoS) attacks have become increasingly sophisticated, bigger, and economically motivated. Even after 25 years, they still pose a huge security risk for every business. This is in large part because DDoS attacks are relatively easy and cheap to launch. A case in point: Bad actors launched the largest DDoS attack of all time in September 2021, demonstrating the continued viability of DDoS attacks for unscrupulous parties who have something to gain from them.
DDoS attacks are at the forefront of the war on digital businesses, and no company or industry is safe. DDoS attacks aim to overload (or exhaust) a business’s digital resources and prevent them from performing normally. At worst, the massive influx of traffic will cause web servers to crash. DDoS attacks can also be a smokescreen for data breaches, attempting to draw IT’s attention to the DDoS attacks rather than the data breach. Ransom DDoS attacks — where bad actors demand payment to prevent or cease a DDoS attack — are also on the rise.
So how can DDoS attacks be mitigated? They key is to block as much bad traffic as possible while keeping the application or service running optimally. And there are four key considerations each business must assess to select the right DDoS protection solution.
DDoS attacks come in many forms, but the primary types are connection-protocol attacks, volumetric attacks and application-layer attacks:
A truly effective DDoS protection solution must be comprehensive enough to mitigate all these attack vectors.
A key question to ask is “How scalable does my DDoS protection solution need to be?” The answer is “very” because the scope of DDoS attacks is increasing every day.
Another question to ask is: “Should I use cloud-based DDoS protection or defend my systems with an on-prem solution?” On-prem devices have a limited ability to scale on demand, so you must prepare for the lead times associated with increasing your capacity. Moreover, on-prem DDoS protection solutions can be complex to install and maintain, so a dedicated IT team would be necessary.
Cloud-delivered solutions provide a simple service with nothing to install or maintain and they can auto-scale with the size of a DDoS attack. They offer centralized mitigation to provide consistent protection across all applications and sites. The global presence of an established mitigation service can offer high-throughput scrubbing capacity, protecting you from massive DDoS attacks. When it comes to DDoS defense, cloud-based solutions have much to offer.
Do you prefer to have all online traffic always redirected, or do you prefer to redirect traffic for scrubbing only during an attack? Always-on DDoS detection provides constant protection, but it will also add a small amount of latency to normal operations.
On the other hand, on-demand DDoS protection will reduce application latency day to day, but you will have increased exposure to a DDoS attack when it begins and before you start to redirect traffic. Always-on solutions are more expensive than on-demand solutions, so it’s a question of balancing protection vs. cost to meet your business requirements.
The stand-alone approach to DDoS protection will only protect against DDoS attacks. You will require additional application protection services that must be deployed and managed individually, and that can add significant complexity. With an integrated solution, DDoS protection comes with web application firewalls, bot management, and API protection, offering both comprehensive protection and simplicity. You only need to manage a single solution rather than multiple products from multiple vendors.
Citrix offers a comprehensive, cloud-delivered DDoS protection solution with always-on and on-demand options. It has one of the largest scrubbing capacities to protect against large-scale DDoS attacks. The Citrix DDoS protection solution is available as a stand-alone service and also as an integrated solution that includes a web application firewall and bot management and API protection.
With a 25-year track record, it’s clear that DDoS attacks are here to stay. And they will only become much larger and more pervasive with the advent of 5G and the proliferation of poorly secured IoT devices.
So ask yourself now: Do I have the right DDoS protection to thwart them and keep my business safe?
Share this article:
Pen Test Partners didn’t disclose the vulnerability after 90 days because it knew ISPs were struggling with a pandemic-increased network load as work from home became the new norm.
A hefty slice of data – that of 100K+ current and former employees – was spilled in an “external system breach,” the pizza chain said. 
Phishing emails are now skating past traditional defenses. Justin Jett, director of audit and compliance at Plixer, discusses what to do about it.


This site uses Akismet to reduce spam. Learn how your comment data is processed.
Join thousands of people who receive the latest breaking cybersecurity news every day.
Pankaj Gupta, Senior Director at @Citrix, outlines how distributed denial of service attacks have become increasing… https://t.co/djwhuUE82e
1 day ago
Get the latest breaking news delivered daily to your inbox.
The First Stop For Security News
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.

source

Article Categories:
Cloud Security

Comments are closed.