Scribd
Upload
54 views2 pages

Man, Machine and Ddos Mitigation The Case For Human Cyber Security Expertise

This document discusses the advantages of human analysis over automated systems for mitigating distributed denial of service (DDoS) attacks. It notes that today's DDoS attacks are large and complex, exceeding the capabilities of most automated mitigation appliances. Real-time monitoring and analysis of network traffic by experienced security professionals can stop attacks faster by adapting to changing tactics. The document also outlines the growing size, complexity, and financial impact of DDoS attacks, highlighting the need for effective mitigation.

Uploaded by

api-258089043
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
54 views2 pages

Man, Machine and Ddos Mitigation The Case For Human Cyber Security Expertise

This document discusses the advantages of human analysis over automated systems for mitigating distributed denial of service (DDoS) attacks. It notes that today's DDoS attacks are large and complex, exceeding the capabilities of most automated mitigation appliances. Real-time monitoring and analysis of network traffic by experienced security professionals can stop attacks faster by adapting to changing tactics. The document also outlines the growing size, complexity, and financial impact of DDoS attacks, highlighting the need for effective mitigation.

Uploaded by

api-258089043
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

Man, Machine and DDoS Mitigation

The Case for Human Cyber Security Expertise


Selected excerpts

Prolexic recently released a white paper that explains why experienced security professionals
analyzing network traffic in real time stop distributed denial of service (DDoS) attacks faster than
pre-programmed and automated mitigation equipment and at far less risk to an organizations
bottom line.

DDoS mitigation appliances are network devices used by IT departments that are intended to
prevent an outage caused by a DDoS attack. But todays DDoS attacks are often large and complex
too large and complex for automated DDoS mitigation. As a result, Prolexic has found that real-
time monitoring and analysis of network traffic by experienced DDoS mitigation engineers during
an attack is the only approach that ensures effective DDoS mitigation, especially when live
attackers change attacks throughout an event.

A DDoS attack is an attempt to make a computer resource (i.e. website, e-mail, voice, or a network)
unavailable to its intended users. By overwhelming it with data, requests or both, the target
system either responds so slowly as to be unusable or crashes completely. The data volumes
required to do this are typically achieved when attackers harness a network of remotely
controlled zombie or botnet (robot network) computers. These compromised computers have
fallen under the control of an attacker, generally through the use of a Trojan virus or other
malware.

Outages caused by DDoS attacks are increasing in frequency, size and volume and are damaging to
businesses. As a result, many organizations have made big investments in automated defensive
tools such as firewalls, intrusion prevention systems (IPS), intrusion detection systems (IDS), and
router appliances. Unfortunately, automated tools often fail to block a DDoS attack.

Growing attack size and complexity

Typically, a local DDoS mitigation appliance can handle less than 10 gigabits per second (Gbps) of
attack traffic, while a firewall solution offered by an ISP can usually handle less than 20 Gbps. A
typical solution from a cloud-hosting provider can handle less than 40 Gbps. Yet, many of todays
DDoS attacks are bigger than that. For example, in 2013, Prolexic blocked multiple attacks that
peaked at more than 100 Gbps, with the company largest measuring the largest at 179 Gbps.

DDoS attacks also continue to increase in complexity. DDoS attackers target the network layer,
described in the Open Systems Interconnection model (OSI model) as Layer 3, the transport layer
(Layer 4) and the application layer (Layer 7) and often all three in the same campaign. Attackers
create Layer 7 attacks that resemble legitimate traffic as a strategy to overload specific elements



of an application server infrastructure. Even simple application attacks can critically overload web
servers and databases.

Although many company executives may think it is unlikely their organization will be attacked, all
companies and industry sectors are vulnerable. Todays attackers are using more powerful DDoS
toolkits such as the itsoknoproblembro toolkit to take advantage of vulnerabilities in web servers.

The financial damage from DDoS attacks is growing. Gartner predicts a 10 percent growth in the
financial impact that cybercrime will have on online businesses through 2016, as DDoS attackers
take advantage of new software vulnerabilities that are introduced via new cloud services and
employee-owned devices used in the workplace.
1
As a result, enterprises are at a higher risk of
financial losses and damage to their global business reputation than ever before.

Get the full white paper for more details

Download the white paper, Man, Machine and DDoS Mitigation, which explains why you need
human cyber security expertise:
Understand the current and future DDoS threatscape
Learn the capabilities and limitations of specific types of DDoS mitigation appliances
Find out how live attackers overwhelm automated systems
Understand the weaknesses of the new breed of intelligent DDoS mitigation device
Avoid blocking legitimate traffic when under attack
Learn about Prolexics Security Operations Center

The more you know about DDoS attacks, the better you can protect your network against
cybercrime. Download the free DDoS protection white paper today.

About Prolexic
Prolexic Technologies is the worlds largest and most trusted provider of DDoS protection and
mitigation services. Learn more at http://www.prolexic.com.

1
Gartner Reveals Top Predictions for IT Organizations and Users for 2012 and Beyond, December 1, 2011

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy