When choosing a DDoS protection solution that will best ensure your business’ survival in the hostile virtual jungle, you should make sure this solution adheres to the following fundamental commandments...
2. DDoS – The Basics
Volume Based Attacks
• Method: Includes UDP floods, ICMP floods, and other spoofed packet floods.
• Objective: Saturate the bandwidth of the attacked site.
• Magnitude: Typically measured in Bits per second.
Protocol Attacks
• Method: Primarily SYN floods, but also fragmented packet attacks.
• Objective: Consume web server resources or intermediate communication equipment, such as firewalls and load balancers.
• Magnitude: Usually measured in Packets per second.
Application Layer Attacks
• Method: Unlike protocol attacks, these consist of legitimate and seemingly innocent requests.
• Objective: Bring the application servers down.
• Magnitude: Requests per second.
Confidential
3. DDoS – Current and Future Trends
Volume Based Attacks are getting bigger
• More and more attacks over 20Gbps
Application Layer Attacks are becoming more frequent
• Targeting specific website platforms
• Targeting smaller websites
New Attack Types
• IP Range Blanket Bombing DOS Techniques
• Amplification through DNS requests to an Open DNS or open “public” SNMP
5. Commandment 1:
Thou shall be invisible
Your users don’t need to know and don’t care that you are under attack
People don’t like to hang around in “dangerous” places
People should be allowed to enter:
• Without delays
• Without being sent through holding areas & splash screens
• Without being served outdated cached content
6. Commandment 2:
Let he who is innocent step forward
Self Redemption is Key!!!
All users should be able to exonerate themselves.
At the very least users should be able to:
• Shout out (complain)
• Redeem themselves by completing a CAPTCHA.
7. Commandment 3:
Spare no bot but beware of those holier than thou
Block all Application Layer Bot Requests
• There is very little head room for most sites
• Even 50 excess page views/second can take down your site, or slow it down.
Transparency should not come at the expense of airtight protection
However, you must grant the “Internet Gods” (Google, Bing, Pingdom, etc.) access at all times
8. Commandment 4:
Absorb all that is cast upon you
Take Cover! Network attacks are getting bigger
You must be able to take a “20Gbps +” hit standing
You must have isolation capabilities to prevent others from trembling with you
9. Commandment 5:
To err is Human. Precise Detection is divine
Automatic & Accurate DDoS detection is just as important as effective mitigation
One shouldn’t be in “DDoS Mode” unnecessarily and you can’t watch your site 24x7x365
Real-time protection activation is crucial, otherwise you’re going down
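An added sketch (not from the original slides) of the automatic activation Commandment 5 asks for, applied to application-layer floods measured in requests per second: mitigation switches on only after several consecutive seconds above baseline plus headroom, so a one-second blip does not put the site in “DDoS Mode”, and the baseline stops learning during an attack. The 50 requests/second headroom is the figure from Commandment 3; the baseline, window lengths, class and function names, and sample traffic are assumptions constructed for illustration.

```python
"""Hysteresis-based request-rate detector (illustrative; all tunables are assumptions)."""


class RateDetector:
    def __init__(self, baseline_rps, headroom_rps=50.0, alpha=0.1,
                 trip_secs=3, clear_secs=10):
        self.baseline = float(baseline_rps)  # learned normal rate (req/s)
        self.headroom = headroom_rps         # excess the site can absorb
        self.alpha = alpha                   # EWMA weight for baseline learning
        self.trip_secs = trip_secs           # hot seconds needed to activate
        self.clear_secs = clear_secs         # calm seconds needed to stand down
        self.mitigating = False
        self._hot = self._calm = 0

    def observe(self, rps):
        """Feed one per-second request count; return the mitigation state."""
        if rps > self.baseline + self.headroom:
            self._hot, self._calm = self._hot + 1, 0
        else:
            self._hot, self._calm = 0, self._calm + 1
            # Learn only from calm traffic outside mitigation, so an attack
            # cannot drag the baseline upward and hide itself.
            if not self.mitigating:
                self.baseline += self.alpha * (rps - self.baseline)
        if not self.mitigating and self._hot >= self.trip_secs:
            self.mitigating = True
        elif self.mitigating and self._calm >= self.clear_secs:
            self.mitigating = False
        return self.mitigating


def transitions(samples, detector):
    """Return [(second, new_state)] for every change of mitigation state."""
    changes, state = [], detector.mitigating
    for second, rps in enumerate(samples):
        new_state = detector.observe(rps)
        if new_state != state:
            changes.append((second, new_state))
            state = new_state
    return changes


# Constructed traffic: normal load, a one-second blip, a sustained flood, recovery.
SAMPLE_RPS = [200] * 5 + [600] + [200] * 2 + [600] * 20 + [200] * 12

if __name__ == "__main__":
    det = RateDetector(baseline_rps=200)
    for second, state in transitions(SAMPLE_RPS, det):
        print(f"t={second}s mitigation {'ON' if state else 'OFF'}")
```

Shorter `trip_secs` activates faster at the cost of more false activations; longer `clear_secs` keeps protection on through pulsed floods.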