Most organizations cannot rely solely on on-premise solutions because of the volumetric aspects of DDoS attacks. Multi gigabit-sized attacks cause on-premise connection lines to fill up, and organizations to go offline. Vulnerabilities with CDNs also has limitations for organizations. On-premise and cloud-based solutions offer protections that most ISPs are not able to deliver effectively. Some ISP’s have much better detection and DDoS mitigation capabilities, and next-generation offerings may include WAF and DDoS automation and integration. Every ISP is different and actual protections will vary over time and with vendors.
Over the last couple of years, I wrote about DDoS attacks several times—with good reason. They are increasing in size and intensity. Each year more homes are connected to the Internet; consumers and businesses increase their access connection bandwidth; and more devices are online at each connection. With all these connected devices, many of which have little to no protection, the field is ripe for threat actors to harvest DDoS attack hosts, a.k.a. bots.
David Monahan is Research Director for Enterprise Management Associates (EMA) and is a featured guest blogger.
In previous blogs I have written about DDoS attacks and the inadequacies of using ISP and cloud-based DDoS attack scrubbing by themselves. However, in this blog I am going to speak to why WAF and DDoS filtering make a great pair, focusing on the difference between and the benefits of combining the web application firewall (WAF) and DDoS filtering.
Schools are getting more sophisticated; there is no doubt about it. My kids recently had an "emergency study exercise" in grade-school where they needed to log in to the school system from home and participate in an online classroom, listen to a session and answer some questions. The idea was to see if the school was prepared for emergency situations, where the kids couldn’t attend school for some reason, but they could continue studying remotely. I thought that was pretty cool.
I also learned recently about a high school in our area where all the classroom activity is conducted online. The students have no books, no notebooks – only their laptop.
Operation Blackout due date is approaching: Anonymous is planning to shutdown the Internet on March 31st, 2012 by attacking all 13 DNS root servers.
DNS is a critical infrastructure of the Internet as every web transaction involves a DNS service that is provided by the internet service provider. A successful attack against DNS servers will result in halt of all Internet based services.