VeriSign, Inc., the trusted provider of Internet infrastructure services for the networked world, today released a new report aimed at helping online businesses and other enterprises protect themselves against distributed denial-of-service (DDoS) attacks.
"DDoS Mitigation: Best Practices for a Rapidly Changing Threat Landscape," a new white paper available today, describes how hackers are employing larger and stealthier techniques to outmaneuver such traditional DDoS defense tactics as bandwidth over-provisioning, firewalls, and intrusion prevention systems (IPS). DDoS attacks use multiple hosts, such as compromised PCs, to flood and overwhelm a target site or application with traffic. Successful attacks can bring down sites for hours or even days, causing businesses to suffer losses in the millions and damaging a company's brand and customer relationships.
The paper cites Forrester survey data showing that 74 percent of IT decision-makers reported experiencing one or more DDoS attacks in the past year. In nearly one out of every three attacks, hackers were successful in disrupting service, even though these organizations had in place security measures designed to thwart DDoS attacks.
Five Best Practices from an Expert in DDoS Defense
VeriSign has successfully defended its global DNS infrastructure against DDoS and other attacks for more than a decade, while maintaining 99.99 percent availability of its critical infrastructure. VeriSign also has maintained 100 percent availability of its .net and .com infrastructure, even as it resolves more than 50 billion DNS transactions per day.
Drawing on this success and VeriSign's hands-on customer engagements, the white paper identifies a set of best practices that enables organizations to keep pace with DDoS attacks while minimizing impact on business operations. (For a much more detailed explanation of these best practices, download the paper.)
1. Centralize data gathering and understand trends. It's vital to
understand what normal network traffic looks like, and to identify
anomalies quickly and accurately. By working with expert security
researchers, organizations can better track trends and threats. And they
can implement effective DDoS-specific alerting, logging and reporting
systems.
2. Define a clear escalation path. A fast and effective response is key to
mitigating DDoS attacks, so enterprises need systematic processes and
methodologies in place. For instance, defining incident response teams
and preparing for downtime before an attack occurs can restore
operations sooner, with less devastating effects.
3. Use layered filtering. Even as unwanted network traffic is blocked,
legitimate traffic must be allowed through with minimal latency.
Filtering traffic in layers, rate-limiting traffic, and enhancing rule
sets over time all are key to achieving this.
4. Build in flexibility and scalability. A scalable, flexible
infrastructure helps ensure systems function properly under attack
conditions. IT managers should: test the limits of IT components to know
their breaking points; enforce hardware and software diversity so an
attack targeting one platform doesn't bring down the entire network; and
do what it takes to provide on-demand capacity within a load-balanced
infrastructure.
5. Address application and configuration issues. With DDoS attacks evolving
from brute force traffic floods to subtle infiltrations of the
application layer, organizations need better insight into application
thresholds and vulnerabilities. Among the paper's suggestions: Address
simplistic configurations and common application vulnerabilities.
For more details check out www.verisign.com
- Follow us on :
