Industry-Leading Tools to Mitigate DDoS Threats

Feb. 17, 2023
New tools can help data center operators fight back against DDoS and emerging network security threats.

This concludes our article series on DDoS protection in a connected world. This week we'll shift our focus from experiencing DDoS attacks to defending against them.

So far, we’ve covered the evolution of DDoS and how it impacts data centers and cloud ecosystems. Now, let’s dive into specific DDoS attacks and how to defend against them.

There are three types of DDoS attacks on which we will focus.

  1. Volume-Based Attacks. The strategy here is to flood networks with heavy volumes of data. Think of it as a pileup on a freeway. This massive amount of additional network traffic will consume bandwidth, shut down services, prevent users and customers from accessing essential services and sites, and bring a business down to a crawl. For data center providers, a massive DDoS attack could slow down several clients sharing bandwidth. There are various ways a volumetric attack can happen, including botnets, reflection, and amplification, and the attack often uses connectionless UDP as the delivery method. While this attack can be easy to detect, it can get very challenging to mitigate.
  2. Network Protocol Attacks. Network protocol layer attacks aim to exploit your network’s protocol weaknesses. You could be in trouble if you have poorly configured layer 3 and 4 policies. Simple attacks can include SYN floods or pings of death, and more sophisticated attacks go after higher-layer SSL handshake renegotiations.
  3. Application Layer Attacks. At the application layer, many services work together to allow the app to run. Application layer attacks target application platforms, web servers and services, APIs, libraries, and even the application itself. These attacks are usually a lot more targeted and planned out in advance. Malicious actors will do their homework to understand the application, user interaction, app behavior, and potential weaknesses.

As a data center provider, you already have much to worry about. However, keeping your networks safe is a crucial business aspect you can’t ignore. Telecommunications and network management have come a long way, and our ability to lock down and segment networks has advanced as well. However, malicious actors are advancing their tactics right alongside.

For data center providers, DDoS attacks are now more dangerous than ever. Malicious actors want the data that data centers store. So, what happens when a DDoS attack is just the tip of the spear?

Now that you have a solid framework on DDoS threats, it’s key to broaden our perspective on these attacks. Specifically, what happens when a DDoS attack is only a distraction?

DDoS as a Smokescreen

To begin, there will usually be a motive for an attack. In today’s connected world, a DDoS attack may be launched for more reasons than just taking down a website or a service. We mentioned smokescreens in a previous article. Usually, a malicious actor, sometimes a nation-state, will launch a DDoS attack to remove security resources and use the attack as a smokescreen to access other parts of the network. When DDoS is used as a smokescreen, these other activities may be happening:

How Do You Detect Malicious Traffic?

There are two critical methods for detecting malicious traffic. DDoS attack traffic should be mitigated as close to the network edge as possible.

  1. Analyzing the metadata of traffic flow data — best for volumetric attacks
  2. Packet inspection — effective for all three types of attacks

To detect these attacks, consider the following:

Outside of solid development practices, detection might require the analysis of a packet’s payload (GET vs. PUT) to detect if an attack is happening against an application or an app service.
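The first method listed above, analyzing flow metadata to spot volumetric attacks, is illustrated here as an added example; it is not code from the report or from any vendor. The flow records are constructed, and the record layout and the thresholds (10 Mbit/s, 50 sources, 80% UDP share) are assumptions chosen for the illustration.

```python
from collections import defaultdict

# UDP source ports of services commonly abused for reflection/amplification
REFLECTION_PORTS = {53: "DNS", 123: "NTP", 1900: "SSDP", 11211: "memcached"}
WINDOW_S = 60  # aggregation window in seconds (assumed)

def sample_flows():
    """Constructed flow records: (ts, src, dst, proto, sport, dport, pkts, bytes)."""
    flows = []
    for i in range(20):   # ordinary HTTPS clients
        flows.append((i, f"192.0.2.{i + 1}", "198.51.100.10",
                      "tcp", 40000 + i, 443, 50, 60_000))
    for i in range(200):  # many reflectors sending NTP replies to one victim
        flows.append((60 + i % 60, f"203.0.113.{i + 1}", "198.51.100.20",
                      "udp", 123, 33000 + i, 4000, 1_800_000))
    return flows

def detect_volumetric(flows, mbps_limit=10.0, min_sources=50, udp_share=0.8):
    """Aggregate metadata per (window, destination) and flag flood-like buckets."""
    buckets = defaultdict(lambda: {"bytes": 0, "udp": 0, "srcs": set(),
                                   "ports": defaultdict(int)})
    for ts, src, dst, proto, sport, _dport, _pkts, nbytes in flows:
        b = buckets[(ts // WINDOW_S, dst)]
        b["bytes"] += nbytes
        b["srcs"].add(src)
        if proto == "udp":
            b["udp"] += nbytes
            if sport in REFLECTION_PORTS:
                b["ports"][sport] += nbytes
    alerts = []
    for win, dst in sorted(buckets):
        b = buckets[(win, dst)]
        mbps = b["bytes"] * 8 / WINDOW_S / 1e6
        # A flood shows high rate, many distinct sources, and mostly UDP bytes.
        if mbps < mbps_limit or len(b["srcs"]) < min_sources:
            continue
        if b["udp"] / b["bytes"] < udp_share:
            continue
        top = max(b["ports"], key=b["ports"].get, default=None)
        alerts.append({"window": win, "dst": dst, "mbps": round(mbps, 1),
                       "sources": len(b["srcs"]),
                       "vector": REFLECTION_PORTS.get(top, "udp-flood")})
    return alerts

if __name__ == "__main__":
    for alert in detect_volumetric(sample_flows()):
        print(alert)
```

Only metadata is inspected here, which is why this approach suits volumetric attacks; protocol and application layer attacks need the packet inspection described in the second method.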

What Should I Be Looking for in a DDoS Solution?

There’s never a silver bullet regarding the security of an entire infrastructure. However, there are vital considerations when selecting a solution for DDoS protection. Narrowing it down a bit, here are three critical considerations for data center providers when choosing a DDoS solution:

If you’re a data center, service provider, or an organization that’s rapidly scaling out, there are two additional points to consider:

Download the entire special report, The Security Gap: DDoS Protection in a Connected World, featuring A10, for an exclusive real-world data center provider use case where modern DDoS solutions impact network protection and create a business opportunity.

About the Author

Bill Kleyman

Bill Kleyman is a veteran, enthusiastic technologist with experience in data center design, management and deployment. Bill is currently a freelance analyst, speaker, and author for some of our industry's leading publications.
