Share what you know with millions of people
Focus is the best place to turn what you know into remarkable content
0
Are there any DDoS defense tools or protection mechanisms?
Events
- Dos and Don'ts of Small Business Marketing May 29 @ 11 am PT
- Lead Nurturing 202: The Next Generation May 31 @ 11 am PT
- The Tricks to Paid Media June 6 @ 11 am PT
- Display Advertising for Brand Awareness June 20 @ 11 am PT
Related Activity
4 Answers
There are a number of prominent players who provide DDoS mitigation services, such as Prolexic, Verisign, and Armoraid.
Most larger ISPs either offer such services organically, or partner with a pure-play vendor to offer such services.
Corero (formerly TopLayer), also offers a very robust and versatile IPS system which does some serious DDoS mitigation. Other IPS vendors have similar features, but the TopLayer hardware is top-notch in this area.
For sufficiently large DDoS attacks, you absolutely need your ISP and possibly their upstream provider to be involved, as you might not have enough bandwidth (or CPU cycles) to identify and mitigate the threat by yourself.
Just be advised that many of these services are fairly expensive per Gbit of blocked/diverted traffic. (Depending on how much an attack would cost your business, and how likely your business is to be attacked, this might be a valuable investment)
Just hosting your content on a CDN can provide some DDoS defense as they have the infrastructure to curtail the effectiveness of DDoS attacks. Akamai is one such Content Delivery Network that is packaging their service as DDoS. Lots of US .gov servers are on it already.
I like Prolexic for in the cloud defense and Corero and Webscreen for premise based equipment.
Prolexic have a tried and tested solution that diverts the DDOS atack away from the target, filters out the real traffic and allows customers to get on with business.
There are DDoS protections, as other commenters have mentioned. The choice of protections depends on your assessed risk should a DDoS occur.
If you are hosting your application via a cloud vendor or ISP, ask what their protections are and determine if it is strong enough to adequately cover your risk. Some vendors offer optional protections services.
For your own site, the network configuration is highly important for DDoS protection. It should include hardware, e.g., firewalls, that can detect and suppress DDoS propagation into your application servers. Software-based protections for the servers is also available, in addition to network configuration choices.
Note that end-user devices can be a significant source of DDoS risk. It is often a good practice to isolate end-users -- especially remote ones -- using a dedicated end-user VLAN and internal firewalls.
Answer This Question