Defending Enterprise Network Security: a DDoS Attack Primer
Posted: Wed Nov 25, 2020 09:41:19 AM
Babur Khan | November 25, 2020
"A survey by Neustar indicated that more than 80 percent of financial services firms estimate a loss of $10,000 per hour during a DDoS-related outage. The statistics in this report amplify the need for financial institutions of any size to develop DDoS preparedness and remediation strategies. Cyberthreat actors don't discriminate; they target both large and small organizations and exploit weaknesses wherever they can." (Secureworks)
Distributed Denial of Service (DDoS) attacks have become a commonplace threat that every business should take seriously. All of the most famous DDoS attacks are newsworthy for one reason: they were on a scale so enormous that they were easily detected. It's hard to miss a 2+ terabits per second traffic tsunami. Even when a DDoS attack is orders of magnitude smaller in volume, hackers can achieve goals other than simply knocking an organization offline.
The Who and Why of Hacking
"Cybercrime alone costs nations more than $1 trillion globally, far more than the record $300 billion of damage due to natural disasters in 2017." (Harvard Business Review)
In the distant past, hacking was a nerd sport, something hackers did for fun or to annoy people as well as to learn about systems and document their weaknesses. While simple mischief and exploration are still common, today's motivations also include:
Whatever the reason for trying to compromise your enterprise network security, DDoS exploits provide a way to probe and test infrastructure security, to degrade communications and server performance, and to provide cover for incursion attempts.
Types of DDoS Attacks
There are three main types of DDoS:
Each type of attack requires different detection and amelioration technologies, and the defense should take into account the target being attacked, the methods of detection, the cost of defensive cybersecurity, and how quickly a response can be mounted. In short, what we're looking for is a strategic approach to defending critical infrastructure.
How to Create a DDoS Defense Strategy
A tactical DDoS defense strategy (deploying DDoS cybersecurity defense tools and hoping you won't have to use them) simply isn't enough to ensure infrastructure security. In-depth defense against DDoS attacks and their consequences requires a strategic approach to enterprise network security built on a 360-degree view of the critical infrastructure security assets that are vulnerable, what the consequences will be if an attack occurs, and an amelioration plan that reduces costs and downtime.
Step 1: Assess Your Assets
Your first task is to identify which of your assets are critical to the enterprise. Typically, this includes email systems, VPN services, web servers, and application servers: all of the assets that, should they become impacted or compromised, would effectively stop your organization from working. You should attach a downtime dollar value and an estimated time to repair, along with any other metrics particular to your enterprise network security assessment, to identify priority assets.
Step 2: Deploy Robust DDoS Defenses
The DDoS infrastructure security solution you select should be state-of-the-art with a solid enterprise customer background. Evaluate your vendor's support options and responsiveness, and work with them to establish a solid mitigation plan with routine test protocols. You absolutely need to know that when a DDoS attack occurs, your deployment will work as planned.
Step 3: Ensure You Have Visibility into Your Network
Understanding what constitutes normal traffic patterns and being able to identify abnormal events and packet flows is key to in-depth DDoS detection. If hackers don't execute an all-out assault on your network but rather use DDoS to degrade your connectivity, then without deep insight into what's normal you may not notice the attack. Another aspect of understanding your To understand what constitutes normal traffic, keep re-evaluating your networks, as traffic patterns will change over time. Just consider the changes caused by COVID-19. Traffic patterns may now be significantly different.
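As an added illustration (not A10 code and not part of the original post), the sketch below contrasts a baseline that keeps re-evaluating "normal" with a limit learned once and frozen. The class and function names, the thresholds, and the packets-per-second sample data are all assumptions constructed for this example.

```python
from dataclasses import dataclass

@dataclass
class TrafficBaseline:
    """Exponentially weighted mean/variance of one traffic metric."""
    alpha: float = 0.1      # weight of the newest sample (re-baselining speed)
    threshold: float = 4.0  # alert beyond this many standard deviations
    warmup: int = 10        # samples to learn before alerting
    mean: float = 0.0
    var: float = 0.0
    seen: int = 0

    def observe(self, value: float) -> bool:
        """Return True if value is abnormal against the current baseline."""
        self.seen += 1
        if self.seen == 1:
            self.mean = value
            return False
        # Floor the spread at 5% of the mean so ordinary jitter on a very
        # steady link does not alert.
        spread = max(self.var ** 0.5, 0.05 * self.mean)
        abnormal = (self.seen > self.warmup
                    and abs(value - self.mean) > self.threshold * spread)
        if not abnormal:
            # Only normal samples move the baseline, so an attack in
            # progress is not absorbed into "normal".
            diff = value - self.mean
            self.mean += self.alpha * diff
            self.var = (1 - self.alpha) * (self.var + self.alpha * diff * diff)
        return abnormal

def adaptive_alerts(samples):
    baseline = TrafficBaseline()
    return [i for i, v in enumerate(samples) if baseline.observe(v)]

def frozen_alerts(samples, learn=20, margin=0.2):
    """Contrast case: a limit learned once and never re-evaluated."""
    limit = sum(samples[:learn]) / learn * (1 + margin)
    return [i for i, v in enumerate(samples) if v > limit]

# Constructed sample, packets per second measured once a minute.
STEADY = [1000, 1020, 980, 1010, 990] * 4         # indexes 0-19
GROWTH = [1000 + 15 * k for k in range(1, 21)]    # 20-39: slow legitimate rise
ATTACK = [1900, 1950, 1900]                       # 40-42: degradation, not a flood
AFTER = [1300, 1310, 1290]                        # 43-45: back to the new normal
SAMPLES = STEADY + GROWTH + ATTACK + AFTER

if __name__ == "__main__":
    print("adaptive:", adaptive_alerts(SAMPLES))
    print("frozen:  ", frozen_alerts(SAMPLES))
```

The adaptive baseline flags only the three attack minutes, while the frozen limit also alerts on the legitimate growth and the new normal. Because the baseline follows slow change, a sufficiently gradual increase is learned as normal too, so it complements periodic manual review rather than replacing it.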
Step 4: Use Deep Packet Inspection
The final component of your strategic DDoS infrastructure security strategy is application-level deep packet inspection. You should monitor not only inbound but also outbound traffic, watching for unauthorized and dangerous payloads and for inappropriate content, such as Social Security numbers and other personally identifiable information, moving to and from unsanctioned endpoints.
How A10 Can Help You Build a Strategic DDoS Defense Strategy
A10 Networks is a strategic partner for establishing enterprise network security. A10 Thunder® Threat Protection System (TPS®) employs advanced defense strategies that protect against all kinds of cyberattacks including new, novel DDoS attacks that could bring down your DNS services. Visit the DDoS Protection solution page to learn more. For insight into your network traffic, A10 Networks Thunder® SSL Insight (SSLi®), available in both hardware and software form factors, provides cost-effective cybersecurity including deep packet inspection for full network traffic visibility as well as SSL offloading, content filtering for data loss prevention, load balancing, and traffic steering along with comprehensive analytics and management providing real-time, actionable insights into traffic statistics, categorization, and suspicious activities and the ability to manage multi-site deployments from a central location.