How can you protect your network from DDoS attacks?

Ensuring that an enterprise network is protected against criminal attacks needs to be a top priority for any administrator these days, with the number of reported incidents seeing a significant rise.

But it is not just solutions such as firewalls and antivirus software that need to be deployed in order to protect against problems like malware and network intrusion. One issue that is causing increasing challenges for businesses is distributed denial of service (DDoS) attacks, which can quickly bring an entire network to a standstill.

These attacks, which flood a server with automated requests and make it impossible to process legitimate traffic, have grown in prominence in the last couple of years, with some of the world's largest companies having services taken offline as a result.

They are also noted as being particularly hard to defend against. In the past, many companies were simply forced to ride out the attack and pick up the pieces once it was over, but as DDoS attacks get bigger and longer-lasting, this is not a practical strategy.

Therefore, companies need to rethink how they approach DDoS in order to ensure their networks can cope when they come under such attacks.

It was noted by A10 Networks in a piece for Network World that the first step needs to be swift detection. It stated that in many cases, it can be a long time before network staff recognise an incident as a DDoS attack and not a failing server or application, which can delay the implementation of a response.

"When mitigation starts too late, the damage may already be done: the firewall state table may be overwhelmed, causing reboots, or worse, it locks up, making the DDoS attack effective from the attacker’s perspective," the piece stated.

One way to improve detection speeds is to keep a close eye on performance metrics. A10 Networks noted that the main limitation of any given network node is the number of packets of information it can handle per second, as this is what DDoS attacks try to overwhelm.

"By sending many small packets at a high rate, an attacker can stress out the infrastructure quite quickly – especially traditional security infrastructure such as firewalls, or Intrusion Detection Systems," it said. Therefore, administrators can use any unusual activity as an early indicator of a DDoS attack.
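As an added example (not from A10 Networks or the original article), the Python below shows one way to watch the packets-per-second metric described above: it turns cumulative interface counters into per-interval rates and flags intervals that jump well above a rolling baseline, noting whether the traffic is made up of small packets. The 10-second polling interval, the window, the factor and the 128-byte threshold are assumptions, and the sample counters are constructed.

```python
from collections import deque
from statistics import median

def interval_rates(samples):
    """Turn cumulative (time_s, rx_packets, rx_bytes) counters into
    per-interval (time_s, pps, avg_packet_bytes) tuples."""
    rates = []
    for (t0, p0, b0), (t1, p1, b1) in zip(samples, samples[1:]):
        dt, dp, db = t1 - t0, p1 - p0, b1 - b0
        if dt <= 0 or dp < 0 or db < 0:
            continue  # counter reset or wrap: skip rather than report a bogus rate
        rates.append((t1, dp / dt, db / dp if dp else 0.0))
    return rates

def detect_floods(samples, window=5, factor=4.0, small_packet_bytes=128):
    """Flag intervals whose pps exceeds `factor` times the median of the
    last `window` normal intervals (all thresholds are assumed values).
    Flagged intervals stay out of the baseline, so a sustained flood
    cannot become the new normal."""
    baseline = deque(maxlen=window)
    alerts = []
    for t, pps, avg_size in interval_rates(samples):
        if len(baseline) == window and pps > factor * median(baseline):
            alerts.append({"time": t, "pps": pps, "baseline_pps": median(baseline),
                           "small_packets": avg_size < small_packet_bytes})
        else:
            baseline.append(pps)
    return alerts

# Constructed sample: counters polled every 10 s. Normal traffic is about
# 2,000 pps of 700-byte packets; three intervals carry 90,000 pps of 64-byte packets.
def build_sample():
    samples, t, pkts, byts = [(0, 0, 0)], 0, 0, 0
    profile = [(2000, 700)] * 6 + [(90000, 64)] * 3 + [(2100, 700)] * 2
    for pps, size in profile:
        t += 10
        pkts += pps * 10
        byts += pps * 10 * size
        samples.append((t, pkts, byts))
    return samples

if __name__ == "__main__":
    for alert in detect_floods(build_sample()):
        print(alert)
```

In practice the counters would come from the device itself, for example interface statistics polled from the firewall or router, and the thresholds would be tuned to that node's normal traffic.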

As these attacks can enter a network at very high packet-per-second rates, any mitigation solution needs to have adequate processing power to respond to this. Tools that can scale up on demand will therefore be a necessity if an incident is to be successfully countered.

Such systems need to be thoroughly tested to determine if they can cope under the strain of a DDoS attack. A10 Networks observed that the current trend is for attackers to launch multiple attack vectors simultaneously. Defences may be frequently tested against any one attack method, but can they cope when two or more are used at the same time?

"Periodic validation of your network’s security performance is critical to ensure that your security solutions will hold up during various simultaneous attacks, and to ensure that your network investments are up to the task in a growing, secured network," A10 Networks stated.
