On December 23, Neustar successfully defended against a DDoS attack. In the world of DNS, Distributed Denial of Service or DDoS attacks are a fact of life and a major reason our customers have chosen UltraDNS. They know they are better off with our patented technology, systems, expertise, processes, and 7/24 operations than they could do themselves.

In a recent CIO Magazine article written by Amir Shahmiri, Neustar VP of Network Engineering and Operations, he provided some best practices for DDoS protection.

Monitoring – Reaction time is critical. Having the appropriate monitors to detect increases in overall traffic and/or specific types of traffic are very important.

Analysis – Once the alarms go off, it is necessary to then have a quick method to identify the particular characteristics of the attack. You can’t come up with a mitigation strategy until you know specifically what you are dealing with.

Bandwidth – All DDoS mitigation strategies will require the ability to absorb a certain amount of attack traffic. More bandwidth gives you more flexibility.

Mitigation – Once the attack signature has been identified there are various methods to mitigate the malicious traffic. Rarely is this a cookie cutter solution. Think about the types of attacks that may be seen and plan mitigation strategies around them. Expertise and Continuing

Education – it is very important to have in place the expertise, experience and training needed to keep your technical team sharp and ready to deal with these events. It is not uncommon for months to pass between attacks and people tend to lose the focus needed to handle these events quickly. Frequent and regular training exercises can help keep teams sharp and ready.