What is a DDoS Attack?
In a distributed denial of service (DDoS) attack, the point is to overwhelm and disable a computing resource, usually a website, or perhaps an email server. The attack uses multiple hosts to whip up a traffic tsunami. Usually sooner than later, your system is overwhelmed and it eventually fails.
Often, attackers assemble botnets–networks of infected computers–to generate the traffic to paralyze a site. When the targeted server receives too many information requests, the main system crashes. Bottom line: customers are blocked from reaching your site. Online business grinds to a halt and your brand takes a hit.
DDoS Protection for Business
Neustar SiteProtect offers two types of DDoS protection: on-demand and hybrid. SiteProtect is a customizable DDoS mitigation solution that is built to fit the needs of all businesses, whether on-premise or in the cloud. With the right blend of expertise to anticipate DDoS attacks, and the technology to stop them, Neustar keeps your website up when the bad guys try to knock it down.
On-demand DDoS protection.
SiteProtect is a high-capacity, cloud-based DDoS protection service that scrubs malicious traffic away from your infrastructure. Your traffic is redirected to a cloud-based “scrubbing” center, where security engineers with years of DDoS experience employ diverse technologies and proven attack responses. The on-demand protection that SiteProtect affords can be activated through DNS redirection or BGP redirection.
Hybrid DDoS protection.
SiteProtect Hybrid features the best-in-breed Arbor Pravaill® DDoS mitigation appliance, which instantly combats attacks at the local level. When attacks exceed local capacity, Neustar fails over your traffic to the SiteProtect cloud and manages the response until the attack has been remedied. SiteProtect Hybrid is a fully managed service that detects and responds to DDoS attacks so you can commit resources to other priorities.
DDoS Attack Types: Here are 3 of the most popular.
Network attacks: These attacks clog the pipelines connecting your network, website, or online service to the Internet. Because network attacks generate such huge amounts of traffic, they’re also known as volumetric attacks. With the availability of cloud-based computing, and the infrastructure to support it, network attacks are growing in size, with some topping 200-300 Gbps.
Protocol attacks: This type of attack is engineered to exploit network protocols—for instance, network time protocol (NTP), which syncs time between machines on any given network. When configuring network protocols most people “set it and forget it.” There are few security updates, leaving exposure to risk. Unlike volumetric attacks, protocol attacks are measured in velocity, in packets per second (PPS), as opposed to bandwidth.
Application attacks: Here, the attacker overloads the resources behind a website application, such as the search function or email service, versus attacking the whole network. Often disguised as legitimate traffic, these surgical strikes are large enough to crash most mid-sized sites, or disrupt larger ones enough to make customers notice.
Warning: Many attacks today employ more than one method. By mixing things up and confusing defenders, attackers raise their odds of success.