The DDoS protection industry began around 2004 and has grown as quickly as the number and types of attacks have increased. DDoS attacks started as volumetric but soon moved into other vectors like application, encryption, SSL-based and more. It’s difficult to say if the good guys have managed to stay ahead of the bad guys.
We’ve seen shifts in protection from solutions that are all on-premise to solutions only in the cloud. Should customers put all their eggs in one basket and trust a cloud-only mitigation solution, or is it necessary to have a premise component depending upon the type of attack? Are cloud DDoS protection providers able to quickly identify all Layer 3-4 and in particular Layer 7, application attacks and mitigate all attacks efficiently? Will you be kept up at night wondering if you’ve selected the perfect partner to secure your business and if not, who are the best vendors to trust to keep your business running?
Forrester has released their most recent DDoS Wave, The Forrester Wave™: DDoS Mitigation Solutions, Q4 2017, where they evaluated DDoS protection players to show how each provider measures up, and to help security and risk (S&R) professionals make the right choice.
The DDoS Wave evaluates the strengths and weaknesses of various solutions based on vendor surveys, product demos and customer reference information for 36 criteria, to help security and risk (S&R) professionals decide which vendor has the right DDoS protection solution for them. Each vendor was evaluated based on market presence, strategy and current offering. The evaluation of the current offering focused on vendors’ “ability to detect and mitigate multiple attack types, mitigation capacity, service levels, threat intelligence, reporting, visibility, and client satisfaction.”
Radware was chosen as a leader in the Wave report, which noted that “on-premises appliances can be combined with Radware’s cloud DDoS mitigation service for a hybrid solution.” As attackers look for new and different ways to break into an organization’s defense, multi-vector attacks are increasing in number, underlining the need for a solution that can protect from more sophisticated attacks, including Layer 7 and DNS attacks.
Part of this hybrid approach that Radware was recognized for was unique behavioral detection capabilities to detect attacks in a short timeframe, including emerging threats that can go undetected by traditional DDoS mitigation tools. Behavioral algorithms and mitigation automation are particularly important when battling IoT botnets like Mirai DNS Water Torture, which have brought large enterprises to their knees. As more internet traffic becomes SSL-encrypted, the ability to examine all this traffic becomes even more paramount. Scrubbing capacity was also noted as a differentiator in this year’s DDoS report. Nine scrubbing centers in three different locations around the world allow us to provide reliability and scalability in multiple regions.
There are several considerations you should take into account while choosing a DDoS protection vendor:
- Do they have a cloud only, on-prem only, or hybrid solution and do all the components of the solution communicate details of each threat effectively for efficient mitigation?
- Does their solution cause high latency and false positives?
- Do they cover a wide footprint with their scrubbing centers and do they provide global capacity to handle a volumetric attack?
- Does the vendor use behavioral analysis of the traffic to detect and mitigate the attack?
- Does the solution use automation to configure signatures or is the vendor dependent upon rate limiting and IP address blacklisting?
- How many years of experience does the vendor’s emergency response team have and how many customers do they assist?
Asking these questions should enable your business to choose the best DDoS protection solution for your needs. The best solutions will be able to evolve and adapt to protect from the ever-changing threat landscape while minimizing the reputational, financial, and operational impacts of an attack.