4 Massive Myths of DDoS


Myth #1: DDoS can be Solved by Adding Bandwidth

Truth: As illustrated in the graph below, attacks in 2011 were quite varied and over 76% of application-level attacks were non-volumetric in nature (that is bandwidth was not an attribute of the service disruption). Thus adding bandwidth would not have remedied the problem, and in some cases, would have made the attack worse!


Attack Types and Bandwidth have Varied!

Myth #2: DDoS Attacks are Based on Network Attacks – Mostly SYN Floods

Truth: 2011 was a watershed year not only logging more application-layer attacks then network, but also, the network level attacks were varied across UPD / TCP and IPv4 & IPv6 (as illustrated in the graph below)!

Radware Security Survey: Attack Count by Type and Bandwidth

Myth #3: DDoS Attacks Can be Mitigated by Internet / Cloud “Scrubbers”

Truth: DDoS “Cleaning” requires a layered approach (almost like all other security approaches). Cloud scrubbers have value, however premise-based devices are required for application-layer, encrypted and advanced anti-CDN attacks (as illustrated in the graph below).

Myth #4: My firewall and IPS devices protect me from DDoS Attacks

Truth: In 2011, IPS’ and Firewalls contributed to 1/3 of all originating service disruptions (see graph below).

Firewall and IPS Security Devices Accounted for 1/3 of Availability Outage/Bottleneck Problems in 2011

Carl Herberger

Carl is an IT security expert and responsible for Radware’s global security practice. With over a decade of experience, he began his career working at the Pentagon evaluating computer security events affecting daily Air Force operations. Carl also managed critical operational intelligence for computer network attack programs to aid the National Security Council and Secretary of the Air Force with policy and budgetary defense. Carl writes about network security strategy, trends, and implementation.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

CyberPedia

An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

CyberPedia
What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center