Denial of Service or Distributed Denial of Service (DDoS) attacks are generally large-scale web based attacks against companies or websites. These attacks are mitigated by Cloud DDoS or hardware appliances know as DDoS prevention.
DDoS attacks are conducted and performed by groups of internet devices (PC’s and laptops generally) that have been exploited with a virus or malware to allow for a remote controller to issue commands and instructions to the infected PC.
Compromised devices that form part of this attack group are generally referred to as a ‘Botnet’ with infected devices know as members. In a DDoS attack this Botnet is then directed towards the target website and company with the aim to send multiple requests for images or nonexistent data with the aim of overwhelming system resources to cause an outage.
DDoS attacks tend to be either political or part of an extortion attempt and are rarely seen without these motives.
The infected Botnet’s are usually first used to relay and send spam email before conducting DDoS attacks as this may allow system administrators to discover the IP address and report infected systems to ISP’s and system owners.
From this internet threat both cloud and hardware based DDoS mitigation appliances are offered by a variety of specialised vendors.
Protection of online systems especially trading or e-commerce systems is vital for any business. Here we present advantages to deploying a Cloud DDoS mitigation service.
Choosing a cloud DDoS provider allows for significant cost savings in terms of bandwidth costs resulting from an attack.
Comply with regulations
Your site or institution may have to adhere to security policies mandated by regulatory bodies; having anti-DDoS measures in place may help conformity.
Protect mission critical infrastructure
DDoS attacks whilst targeted at web infrastructures cause significant collateral damage to intermediate systems. Using a Cloud DDoS provider will protect your systems from damage and threats.
Latest attack patterns
DDoS attacks take many forms and guise and exploit multiple weaknesses inherent in internet facing systems. Using a cloud DDoS vendor ensures you have the latest attack signatures to repel any system threat.
Prevent resource consumption
DDoS attacks overwhelm resources on the target systems, one of the common reasons that DDoS attacks succeed is the lack of bandwidth available from the provider. Using a cloud based DDoS service delivers huge bandwidth to the provider ensuring that resource consumption does not take systems offline.
With any technology deployment there are things to keep in mind and consider. We have listed out potential pitfalls to consider when purchasing an DDoS Protection system.
A firewall is not a DDoS appliance
Despite claims to the contrary firewalls may repel low level DDoS attacks but do not have either the processing or throughput needed to repel a large attack.
Should you choose to purchase a mitigation appliance ensure that your bandwidth provision is available. As a rough guide it is considered best to contract for up to 1Gbps delivery with good routers capable of a high packet per second PPS throughput. (note 1Gbps refers to the speed of connection not the monthly bandwidth usage)
Ease of deployment
If using a Cloud DDoS vendor does the setup require many manual steps?
Always check response and support times and whilst mitigation is being completed expect delays to your web presence.
Many anti DDoS devices work on a proxy basis filtering good connections from bad in certain instances. Be aware this may impact SSL and user connections.
At Compare the Cloud, we’re here to help you get started and to identify suitable technology partners to help with your deployment. Take a few minutes to tell us about your company in our Cloud Discovery Q&A, and we’ll present you with some informed options – and help you take full advantage of Cloud Denial of Service / DDoS protection solutions.