Any organization offering online services to potential customers, employees and/or business partners is a potential target.
- Volumetric attacks – target the bandwidth of an organization’s internet pipe with the intent to saturate it with unwanted traffic – reducing the available capacity and causing web application performance to be slowed or even closed down for extended periods of time.
- Exhaustion attacks – focus on specific devices such as firewalls, load balancers, IPS appliances and web servers in order to exhaust their concurrent-connection limits by attempting to establish incomplete connections, ultimately slowing or halting these devices and therefore impacting internet and, in some cases, internal network connectivity.
- Application layer attacks – target a specific application or database with application calls, slowing or even closing down your business applications.
- DDoS diversion attacks – can be volumetric, exhaustion or application DDoS attacks that are used to divert attention from the penetration of another threat, which could ultimately lead to the theft of critical business intelligence information, or even funds.
- Concurrent attacks – a combination of volumetric, exhaustion and application-level attacks, increasingly used to overcome situations in which an organization has some existing protection devices that can only protect against specific attack forms.
Any of the above can, and most often will, significantly impact your online reputation and revenue-generating activities.
Few organizations have implemented a sufficient level of protection to detect and defeat these ever-increasing and sophisticated attacks. Traditional “stand-alone measures” such as Firewall/IPS/UTM appliances, or even solutions provided by Internet Service Providers (ISPs) and cloud scrubbing centers, are insufficient to detect and mitigate many of today’s highly sophisticated attacks.
As the frequency, size and sophistication of DDoS attacks increase, the intelligence of any detection and defense system is key. Less than 1 Gbps of attack traffic (historical statistics show 75% of DDoS attacks are at or under 1 Gbps) is sufficient to halt most web services with ease. Whilst the ability to defend against a simple “volumetric or exhaustion attack” is critical, perhaps even more important is the ability to detect and defend against the “emerging”, more targeted and advanced application-level and concurrent attacks.
To avoid the devastating results of either, there is a need for a high-performance, high-availability hardware appliance with the intelligence and supporting services needed to detect and then mitigate both known and previously unknown DDoS attack forms, including TCP, UDP, HTTP, ICMP, SMTP, VoIP and application-specific attacks.