How to choose an effective DDoS mitigation plan

Must Read

Why cybersecurity threats have increased during Covid-19 pandemic

Cybersecurity industry has never had more significant task to carry out than guarding strategic associations and businesses from digital assaults during the coronavirus pandemic

How to choose an effective DDoS mitigation plan

There are several flavours from which to choose when selecting an effective DDoS mitigation strategy. Most enterprises opt for one of the cloud protection flavours (always-on or on-demand)

Ensuring brand protection against cyber attacks

Companies across all industries and sizes must make sure that they are protected and safeguarded against all forms of today

The cyber industry offers a plenitude of DDoS mitigation solutions. Competition may be misleading as providers highlight terms such as mitigation capacity, layered protections or time-to-mitigate.

DDoS Mitigation Strategies in a Nutshell

There are several options from which you can choose a DDoS mitigation strategy.

1) On Premises DDoS Appliance

A DDoS detection and mitigation device installed in front of the firewall in your data center. It offers immediate mitigation of all types of attacks, including SSL attacks, but offers limited protection against volumetric attacks that saturate your internet pipe.

2) Always-On Cloud Service

A cloud service wherein your traffic is constantly routed through the provider’s scrubbing center for attack detection and mitigation.

3) On-Demand Cloud DDoS Protection Service

A cloud service that kicks in only when you are under attack by diverting your traffic to the providers’ scrubbing center.

4) Hybrid DDoS Protection Solution

This is the best of both worlds: an on-premises device that integrates with a cloud mitigation service (can be on-demand or always-on cloud service).

How to Choose a DDoS Mitigation Plan?

There are a few guidelines that can help simplify your selection process, simply by asking  the following questions:

1) Can you afford a few minutes of downtime when under ?

If the answer is YES, then go for the On-Demand Cloud DDoS Protection Service. This is the lowest cost solution and offers effective mitigation against DDoS attacks. The payoff is extended time-to-mitigate of several minutes which is driven by the need to re-route your traffic to the provider’s scrubbing center.

If the answer is NO, then select the Always-On Cloud DDoS Protection Service. This option provides immediate mitigation (within seconds) of DDoS attacks.

2) Do you process HTTPS traffic extensively?

If YES, then you need the Hybrid DDoS Protection solution, where the on-premises device mitigates HTTPS attacks and the cloud service mitigates volumetric attacks.

3) Are you frequently attacked?

If YES, then you need an Always-On Cloud DDoS Protection Service. An On-Demand service may overwhelm your network with extensive diversions of your traffic.

There are several flavours from which to choose when selecting an effective DDoS mitigation strategy. Most enterprises opt for one of the cloud protection flavours (always-on or on-demand). Financial service providers, health care or utilities typically go with hybrid solutions, due to the nature of their business: they require utmost application availability and process SSL traffic extensively.

The author is Vice President & Managing Director – India , SAARC , Middle East & GSI at . Views are personal.

Subscribe to receive the day's headlines from Tech Observer straight in your inbox

Leave a Reply

*The moderation of comments is automated and not cleared manually by Embedding of any link and use of abusive or unparliamentary language are prohibited.
- Advertisement -

Latest in TECH

Related Articles