
    Top Five Recommendations for Mitigating the Effects of DDoS Attacks

    According to Corero Network Security (CNS: LN), a leader in on-premises Distributed Denial of Service (DDoS) Defense Systems for enterprises, data centers and hosting providers, for all the pain and suffering DDoS attacks have caused, there are a number of best practices that companies can implement to reduce their risk. The most effective defense against DDoS attacks requires expert preparation of defensive resources, ongoing vigilance and a rapid, organized response.

    “The cat-and-mouse game between IT administrators, criminals and hacktivists has intensified in 2011 as the number of application-layer DDoS attacks has exploded. Coupled with an increase in political and ideological hacktivism, companies have to be extremely diligent in identifying and combating attempts to disable their websites, steal proprietary information and to deface their Web applications,” said Mike Paquette, chief strategy officer, Corero Network Security.

    This slideshow features Corero’s top five recommendations for mitigating the effects of DDoS attacks.



    As with all incident response plans, advance preparation is key to rapid and effective action, avoiding an “all-hands-on-deck” scramble in the face of a DDoS attack. A DDoS response plan lists and describes the steps an organization should take if its IT infrastructure is subjected to a DDoS attack.

    Increasingly, Corero is seeing that DDoS attacks against high-profile targets are intelligent, determined and persistent. This new breed of highly capable attackers will switch to different attack sources and alternative attack methods as each new attempt is countered or fails. It is therefore essential that the DDoS response plan define when and how additional mitigation resources are engaged and surveillance tightened.


    Clean pipe Internet connections provided by ISPs offer a false sense of security. On-premise DDoS defense solutions installed immediately in front of application and database servers are required to provide a granular response to flooding-type attacks, as well as to detect and deflect the increasingly frequent application-layer DDoS attacks. For optimal defense, on-premise DDoS protection solutions should be deployed in concert with automated monitoring services to rapidly identify and react to evasive, sustained attacks.


    The Internet Domain Name System (DNS) is a distributed naming system that enables us to access the Internet by using recognizable and easy-to-remember names such as www.google.com rather than numeric IP addresses (e.g. 192.168.0.1) on which network infrastructure relies to route messages from one computer to another. Since DNS is distributed, many organizations use and maintain their own DNS servers to make their systems visible on the Internet.

    These servers are often targeted by DDoS attacks; if the attacker can disrupt DNS operations, all of the victims’ services may disappear from the Internet, causing the desired Denial of Service effect.


    A brute-force or flooding-type DDoS attack is relatively easy to identify, though it requires high performance and sophisticated real-time analysis to recognize and block attack traffic while simultaneously allowing legitimate traffic to pass.

    Detection of the more insidious application-layer attacks requires a thorough understanding of the typical behaviors and actions of bona fide customers or employees accessing the applications being protected. In much the same way that credit card fraud detection may be automated, on-premise DDoS defense systems establish legitimate usage profiles in order to identify suspicious traffic and respond accordingly.


    DDoS attacks are becoming increasingly smart and stealthy in their methods. Waiting for an application to become unresponsive before taking action is already too late.

    For optimal defense, a DDoS early warning system should be part of a company’s solution. Continuous and automated monitoring is required in order to recognize an attack, sound the alarm and initiate the response plan.
