Staying on top of your IT security can feel like playing a game of catch-up. As attackers focus on new targets and use new methods, you change your security to match. You take a reactive approach to the threats you face.
But that means, more often than not, you’re reacting once it’s already too late.
In the case of distributed denial of service (DDoS) attacks, that’s what many attackers are counting on. When you’re reacting to something unexpected, you’re too busy to see clearly. So attackers use DDoS as a smokescreen – a way to distract your attention while they penetrate other parts of your network.
The answer is a proactive approach to DDoS mitigation. And that means understanding what kind of anti-DDoS solution you need to keep up with modern attacks.
Most DDoS mitigation techniques, services, and appliances are outdated. They’re effective against the attacks that were common in the past, but not the attacks that you’re most likely to face right now.
According to Corero’s DDoS Trends and Analysis Report, today’s attacks are multi-layered, short duration, and frequent. It’s testament to how easy it is to deploy an attack that some businesses find themselves targeted almost five times a day. And while huge traffic volumes are part of the attacks you hear about in the press, most are 1Gbps or less in size.
As a result, modern mitigation needs to be lightning-fast, responsive, and ready to step into action in an instant. It’s not enough to cater for scale alone – for successful mitigation, speed is everything.
Traditional approaches to mitigation just aren’t ready for today’s attacks.
The easiest way to block attack traffic is to block all traffic. So the first generation of DDoS mitigation saw service providers blackholing all attack traffic, keeping their own infrastructures protected at the cost of end-user networks.
Of course, that means your legitimate users, whether they’re customers or employees, are brought to a standstill. The impact on your business is no different to the consequences of a full-pipe attack – full service loss, potentially several times a day.
DDoS Mitigation 2.0 was the natural evolution of DDoS Mitigation 1.0 – a more intelligent way to remove malicious traffic while maintaining service for legitimate users.
With this approach, affected traffic is sent off-site to a remote traffic scrubbing centre. There, powerful systems filter the traffic before returning it to the network. It’s a significant improvement over DDoS Mitigation 1.0. But there’s still a big problem.
With attacks occurring so frequently and lasting only a short time, remote scrubbing struggles to keep up. Meanwhile, the way we use technology has changed – many of us are using real-time applications where any delay is potentially disastrous.
Over time, DDoS attacks have evolved. The way we use technology has evolved. So it’s time for mitigation to change in the same way.
Blocking all traffic is overkill. Cleaning traffic remotely is too slow. And that’s why it’s time for DDoS mitigation to move to the next generation.
DDoS Mitigation 3.0 is always-on, active, in-line mitigation. It doesn’t exist in a remote data centre, but instead is an immediate part of your infrastructure.
So when traffic needs to be filtered and cleaned, it can take place instantly. Meanwhile, legitimate traffic reaches its destination without the unnecessary delays or routing.