http://www.prolexic.com/services-dos-and-ddos-mitigation.html | Can automated DDoS mitigation appliances alone stop today’s large, brute force DDoS attacks from bringing down your website? The answer is no. Attackers can overwhelm and sidestep static devices in several ways. In Prolexic’s experience, all the tools available today to fight against DDoS attacks are missing the most important part of the solution – the experience of an expert security engineer. In this short slideshow, Prolexic explains why you need human security expertise in today’s threat landscape.
Man, Machine and DDoS Mitigation: A Case for Human Cyber Security Expertise
1. Man, Machine and DDoS Mitigation
The case for human cyber security expertise
www.prolexic.com
2. Automated DDoS mitigation poses risks
• Distributed denial of service (DDoS) attacks can overwhelm DDoS appliances
• Today’s DDoS attacks are larger and more complex than in the past
• Experienced security professionals block DDoS attacks faster than machines
• Human eyes and creativity are needed to stop attacks from live attackers
3. What is a DDoS attack?
• A DDoS attack tries to make a computer resource unavailable to its users
• It succeeds by overwhelming the target with data, requests or both
• Hackers boost their attacks by calling on hordes of compromised Internet devices
• The zombie devices have fallen under the control of an attacker through a virus or malware
4. It’s important to choose the right DDoS mitigation strategy
• Outages caused by DDoS attacks are increasing and damaging to businesses
• As a result, many organizations have made big investments in DDoS mitigation technology
– Firewalls
– Intrusion prevention systems (IPS)
– Intrusion detection systems (IDS)
– Router appliances
• But often these devices fail to stop DDoS attacks
5. It’s cheap to rent a botnet to crash a DDoS mitigation appliance
• For a few hundred dollars a day anyone can rent a botnet that can command up to 50,000 computers
• That’s more than enough to take down a very well-protected Internet-facing asset such as a router, load balancer or website
6. Mitigation appliances are no match for the size of today’s DDoS attacks
• A local DDoS mitigation appliance can typically stop less than 10 gigabits per second (Gbps) of attack traffic
• A firewall offered by an ISP can usually handle less than 20 Gbps
• A cloud-hosting provider can usually handle less than 40 Gbps
• Many of today’s DDoS attacks are too big for these solutions
– 100 Gbps: Prolexic has blocked multiple attacks of this size
– 179 Gbps: Largest attack mitigated by Prolexic as of December 2013
7. Mitigation appliances are no match for the complexity of today’s DDoS attacks
• DDoS attacks continue to increase in complexity
• Attacks can target three different areas in one campaign
– Network layer, described in the Open Systems Interconnection model (OSI model) as Layer 3
– Transport layer (Layer 4)
– Application layer (Layer 7)
• Layer 7 attacks often look like legitimate traffic
– Even simple application attacks can critically overload web servers and databases
8. All online companies and industries are at risk – regardless of size
• Many company executives think it won’t happen to their organization – but they are attacked
• High-bandwidth attacks against the financial industry hit in 2012 and 2013
• Gartner predicts a 10 percent growth in the financial impact that cybercrime will have on online businesses through 2016*
• Reasons for an attack vary: extortion, corporate revenge or simply malicious hackers
* “Gartner Reveals Top Predictions for IT Organizations and Users for 2012 and Beyond,” December 1, 2011
9. Learn more in the white paper
• Download the DrDoS white paper: Man, Machine and DDoS Mitigation
• In this white paper, find out why you need human cyber security expertise:
– Understand the current and future DDoS threatscape
– Learn the capabilities and limitations of specific types of DDoS mitigation appliances
– Find out how live attackers overwhelm automated systems
– Understand the weaknesses of the new breed of intelligent DDoS mitigation device
– Avoid blocking legitimate traffic when under attack
– Learn about Prolexic’s Security Operations Center
10. About Prolexic
• Prolexic Technologies is the world’s largest and most trusted provider of DDoS protection and mitigation services
• Prolexic has successfully stopped DDoS attacks for more than a decade
• Our global DDoS mitigation network and 24/7 security operations center (SOC) can stop even the largest attacks that exceed the capabilities of other DDoS mitigation service providers