Page 22 - AeM_June_2019
P. 22
BEST PRACTICES & STRATEGIES
Safeguards against DDOS attacks
As you might remember, we published a write-up on how Today, however, the methods of DDoS attacks and
to prevent and ward distributed denial-of-service (DDPS) their scope are evolving so fast that individual IT
attacks a year ago, but decided to share again the useful teams and self-developed defense systems can
tips from CDNetworks since the discrepancy between barely keep up. Arranging for additional hardware
corporate reality and self-assessment in IT security to servers and routers is not only costly, it also
seems to have remained the same since then. requires constant updates and configurations
toward the more and more sophisticated DDoS
The content delivery network and cloud security attacks. Not to mention, that the systems are still
specialist summarized the following steps to help vulnerable to targeted network congestion. Almost
companies addressing DDoS attacks: all vulnerability tests show that one of the biggest
weaknesses lies within the capacity limits of your
• Identify vulnerability and severity of security own network. If this limit is exceeded - be it due to
issue harmless causes or by malicious DDoS attacks - it
In a first step, it is necessary to check the security comes to a network failure. A practicable solution
status in the company. This requires a represents a cloud-based DDoS defense. Cloud
comprehensive review of the strengths and security vendors can leverage network capabilities
weaknesses of the network to determine where that far exceed those of a single data center,
system and network defenses exist and how easily providing reliable protection even in case of very
they could be exploited. The latter can be large attacks, and their expert teams are constantly
determined by means of vulnerability tests and working to keep up with the development of DDoS
DDoS test. Then it should be checked if existing strategies. At the same time, they can clean up
solutions for DDoS minimization are sufficient.
data to ensure that only "legitimate" traffic comes
through. Resources, such as the Open Web
• Find a suitable solution strategy
Application Security Project (OWASP), can also
In the early 2000s, when DDoS attacks were still help with DDoS defense planning.
rare and uncomplicated, do-it-yourself solutions
provided adequate protection.
22 June 2019 - Cyber-security & Data Protection