For enterprise cyber defence, there should be more than one solution
Enterprises face a dilemma when it comes to defence against today’s modern DDoS attacks: do they trust the surgical precision of an on-premise DDoS protection solution or go with a DDoS cloud scrubbing solution? It’s a tough decision for IT managers to make, as whichever option chosen will be the companies way of protecting themselves from cyberattacks. But, why even choose between the two?
When it comes to defending from cyberattacks, enterprises need all the help they can get, so why not have the best of both worlds and go with a full spectrum hybrid DDoS defence solution? That way, you get the power of the cloud along with the context-aware on-premise protection needed to battle sophisticated DDoS attacks. This is the solution that makes the most sense as enterprise really need to cover all their bases but if you aren’t convinced then allow me to elaborate.
Cloud alone is not enough
When it comes to enterprise DDoS protection, cloud scrubbing is a solid option, but it’s not a panacea.
Cloud scrubbing and clean pipe services are critical when attacks grow past your internet capacity. But such services only achieve partial DDoS resilience. This is because enterprises must also defend their value-generating applications and availability for valid users. (Although, isn’t that the whole value prop of a DDoS defence solution? Maintaining availability while thwarting DDoS attacks?) Distinguishing which accesses are valid, and which are initiated as part of slower, but equally deadly, network or application resource exhaustion attack requires contextual awareness of the unique characteristics of on-premise network, application and normal user behaviour.
Cloud scrubbing is incredibly effective when attack volumes exceed the capacity of an enterprise’s internet pipe, and enterprises must compliment their solution to defend against application and slow and low attacks, especially when IT managers say 75 percent of the attacks they see target specific network and application elements of their infrastructure.
At the same time, cloud scrubbing traffic swings can be disruptive and costly. More than three-quarters (77 percent) of attacks peak at 10 Gbps or less and nearly half of all attack volumes are less than 1 Gbps. These most common attack sizes are best deflected by an always-on on-premise solution.
DDoS attacks are largely brute-force, but DDoS defences must be precise, with the ability to intelligently distinguish legitimate users. Strategies like Remote Triggered Black Hole (RTBH), and service rate limiting, which are commonly used in cloud-based mitigation, leave a wake of collateral damage against legitimate users in the form of false positives and false negatives.
So why a full spectrum hybrid DDoS protection?
Both forms of hybrid DDoS protection have their benefits and negatives, but a full spectrum enterprise hybrid protection defends against DDoS attacks of all types and sizes. It will guarantee that any threats to your network, your revenue and your reputation are dealt with
By combining the power of an on-demand cloud DDoS scrubbing solution that gives full spectrum DDoS protection with the more precise on-premise DDoS protection solution, the two will work in tandem to cancel out each other’s weaknesses and supply a solid protection to any enterprise.
This hybrid approach offers precision protection against all DDoS attack strategies such as volumetric, network-based, application layer, slow and low attacks and attacks missed by cloud scrubbing services.
DDoS cloud protection delivers cloud-scale hybrid DDoS protection against volumetric attacks that exceed your enterprise’s internet bandwidth, while the on-premise DDoS defence provides to minimise false events with source-based mitigation; protect enterprise personnel and customers; and can enforce protection via the use of a cyber threat intelligence service and multiple traffic behaviour indicators to increase mitigation accuracy.
A powerful hybrid solution also delivers automated policy-based mitigation escalation making frontline defenders more effective. With a team of trained IT professionals, a DDoS cloud scrubbing solution can easily redirect traffic to the cloud when an attack swells to threaten an enterprise's total internet bandwidth.
Going for a hybrid model is also cost effective. A hybrid solution makes it easier to protect legitimate traffic, not the amount of traffic that attacks apply, meaning enterprises are only charged for the protected traffic and the number of times cloud-scale scrubbing is required. And because on-premise DDoS solution only deflect attacks that fall under your on-premises internet bandwidth, this two-pronged defence is the most surgically effective and economical way to protect your enterprise from DDoS attacks.
- » Get to grips with DevSecOps – and address security flaws much more quickly
- » How EMEA CIOs are taking the lead in digital initiatives: AI 'becoming mainstream'
- » Tablet sales continue to decline – but hope abounds for refreshed Surface and iPad Pros
- » Communication, C-suite engagement and continuous change: Key digital transformation tips for CIOs
- » WhiteHat Security reveals how enterprise security vulnerabilities are introduced via traditional applications