Preparation for DDoS Mitigation

Service-Level-AgreementSlowLoris. UDP Flood. ACK Flood. The types of DDoS attacks really don’t matter - how well your mitigation protects you does!

When testing their mitigation for the first time, 97% of companies experience service disruption or complete downtime.

DDoS mitigation depends on a number factors that all need to be aligned in order to work effectively and can be grouped in to:

  • Technical considerations
  • Vendor management & SLAs
  • Your "DDoS Response" playbook detailing the Internal processes & procedures.
Are you prepared?

Technical Preparation – Is Your Onsite Mitigation System Ready for an Attack?

Today's leading DDoS mitigation solutions, whether cloud scrubbing services or on-prem devices should be able to mitigate the most common DDoS attack vectors (Layer, 3, 4 and 7) automatically.

DDoS vulnerabilities open up whenever changes in your network, like adding new servers and services, are not reflected in your DDoS mitigation configurations. To ensure your mitigation system is configured properly, you should validate it against DDoS attacks from all 3 OSI layers. BaseLine Testing will be able to establish how well your system reacts when you are faced with the 18 most critical types of DDoS attacks.

Vendor Preparation – Is your Scrubbing/Content Deliver Network Vendor Prepared for an Attack Against You?

Testing your vendors will validate that your scrubbing center is ready to protect you from attacks, whether they are simply protecting your domain (Content Delivery Network/Domain Name System) or your network IP (Border Gateway Protocol protection). It will allow you to gauge not only how well the SLAs you have are suited to your operations, but also how professional the vendor's team is.

BaseLine testing will ensure that the scrubbing center switchover and the mitigation capabilities work as expected. It also identifies triggering of false positives.

Personnel Preparation – Is Your Team Ready for that DDoS Attack?

Beyond the technology aspects, DDoS mitigation has its "softer" procedural and communication sides. When that DDoS attack hits, the correct preparation of your personnel will mean the difference between no downtime or prolonged downtime.

Testing your team with real DDoS attacks will provide invaluable insight into how clearly roles and responsibilities are defined and whether communication channels and escalation paths are set suitably to improve response handling and reduce downtime.

Be Prepared – Testing is Critical

With the ever-increasing use of botnets and the decreasing costs of DDoS attacks on the dark web, facing a DDoS attack is a matter of when, not if. Every minute of downtime costs your business real money. BaseLine testing will help you understand where your mitigation posture is failing so you can be better prepared on all fronts when you are under attack.

Get Our Guide: Tailoring DDoS Mitigation to Your Needs

Picture of Yotam Alon

About Yotam Alon

Yotam is the Dev Lead at MazeBolt and is in charge of all R&D activities, infrastructure and security. With five years in the security industry, Yotam brings fresh perspectives and insights into current technologies and development flows. He holds a BSc. in mathematics and philosophy and enjoys hitting the archery range in his spare time.