HOW TO PREVENT DDOS ATTACKS
As you can see after examining the five most famous attacks, DDoS attacks aren’t going away. In fact, they’re only growing larger and more destructive. So, the best thing you can do to prevent being a victim of one yourself is learn from attacks that have already happened.
Here’s how you can start thinking about DDoS protection:
CHOOSE A DEPLOYMENT MODE
There are benefits to both proactive and reactive DDoS deployment modes, and which one you choose depends on your business goals.
A proactive mode delivers the highest resolution detection capabilities and is commonly used for real-time apps such as voice, video and gaming. With a proactive mode, detection is always on, and you’re provided with an inline tool that gives 100 percent visibility through packet analysis.
On the other hand, a reactive mode detects anomalies by analyzing metadata, as well as by leveraging the flow data available from switches and edge routers. A reactive mode is more cost-effective than a proactive one, but it doesn’t have the ability to respond in real-time.
DDOS DETECTION METHODS
When it comes to DDoS detection, there are many different methods to choose from, such as:
Flow Sampling: In flow sampling, the router samples packets and then exports a datagram that contains information about those packets. Nearly all routers support this type of technology, plus it’s highly scalable, making it a popular choice. However, this method only gives you a limited snapshot of your traffic and doesn’t allow for detailed analysis.
Packet Analysis: When a high-performance DDoS mitigation device is deployed in-path, it can instantly detect and mitigate anomalies. This type of device continuously processing all incoming traffic and can also process all outgoing traffic—this is known as asymmetric and symmetric processing, respectively.
Mirrored Data Packets: Although mirrored data packets don’t operate in the path of traffic, they provide the full detail for in-depth analysis, and can detect anomalies quickly. The only downside to this method is that it can be difficult to scale up.