Technology Tuesday is upon us again, and I am so excited to talk about this one, because it is a great solution that is normally associated with enterprise security, but that SMBs should absolutely be leveraging. Cloud DDoS is a key security technology, which is not surprising, since it is impossible to go more than a day without hearing about the latest DDoS attack on a corporation. And if you are looking for a cloud DDoS solution, you really need to start with Imperva’s offering.
Imperva is well known for their Web Application Firewalls (WAF), and if you think of the largest eCommerce sites on the Internet, there is a good chance it’s Imperva protecting them. Through their independent subsidiary, Incapsula, they offer a cloud-based DDoS service that is not just enterprise class; it is also affordable for mid-market customers who don’t have the in-house expertise and want a fully managed cloud solution.
Cloud DDoS solutions allow legitimate traffic through to the site, while scaling automatically to deal with the fluctuation in types of attacks. This is important because you can’t expect attackers to consistently use the same type of attack. In fact, their main goal is simply to drive as many requests to the server as possible to overwhelm it and ultimately take it down. Anonymous recently started leveraging an Apache Web server flaw and exploiting it using their tool, RefRef. That is why the ability to identify multiple types of attacks and adapt is so crucial.
The other key function required of DDoS prevention solutions is the ability to handle the massive amount of traffic pumped through to the servers. Modern DDoS attacks leverage botnets of hacked servers, which connect through DSL connections to form the attacks. Unfortunately, most companies think that the best way to deal with such attacks is to increase the size of the pipe running to their servers. This is really just an expensive way to ignore the problem.
The Imperva cloud DDoS solution protects organizations against various types of DDoS attacks, including SYN or UDP floods, and can handle traffic up to 4Gbps. (To give you an idea, while most organizations see attack traffic of around 10Mbps up to 200Mbps, LulzSec and other hacktivist groups have shown just how high they can scale.) In addition, Imperva’s Cloud DDoS actually reroutes traffic through multiple data centres to protect the customer’s site. By doing this, Imperva’s Security Operations Centre can identify the types of traffic being utilized and fine-tune policies to provide ongoing protection from these types of attacks and their sources. But it doesn’t just provide future prevention; it also helps businesses understand what is going on during the attack and monitor application performance to ensure that business can still continue.
I have always been adamant that if you have web-facing applications and data you need to protect (who doesn’t!), there are 2 key things you should start with: Web Application Firewalls and DDoS. One will block, and one will manage the attack. I see it as a way to apply a “virtual patch” to buy you time to lock down your data before a breach occurs.
For more information, check out Imperva’s solutions at www.imperva.com