Okay, so if you’ve read Part 1 of this blog series, you now know what DDoS is (and if you don’t, you’re on the wrong site!). Now what? Well, now we start the phase of defending against these attacks. The first thing you need to look at is your infrastructure and determine what tools you currently have in your toolbox that might be able to defend against them.
There are many things that can be done with existing network equipment to protect against network-layer attacks. If you know that your equipment can barely handle the current production load, then being hit with a small DDoS is going to tip you over.
From an application-layer perspective, know where your weak points are. How many connections can your database hold without dying? Do you have the opportunity to fail over or cluster websites, DNS, etc., to push the load of traffic to other sites or distribute the traffic to where you want it?
Knowing what you currently have in your arsenal can really come in handy when you’re attacked later. Also, there are on-site (on-premises) devices that are strictly there to protect your network and applications against DDoS attacks. These look at the traffic coming into your network and start mitigating once bad traffic is identified. The problem here is what happens when the load is too much for that system, the routers or your internet connection? I’m glad you asked.
Some options to consider:
The last thing you want is to not know you were slowly being attacked until it’s too late. You’ll never get those 15 minutes back. Next we’ll examine some Do’s and Don’ts when it comes to securing your network from DDoS attacks.
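To make the point about a slow attack going unnoticed concrete, here is an added example (not code from the original post): it buckets constructed access-log lines per minute and projects the recent trend against a capacity figure, showing a gradual ramp that a spike-only threshold misses. The log format, the capacity of 1000 requests per minute, the 2x spike factor and the 15-minute horizon are all assumptions; substitute numbers from your own load testing.

```python
import re
from collections import Counter

# Constructed sample data: requests per minute creeping up with no sharp jump,
# expanded into simple access-log style lines (hypothetical format).
PER_MINUTE = [400, 410, 395, 405, 430, 465, 500, 545, 590, 640]
SAMPLE_LOG = [
    f"2024-01-01T12:{minute:02d}:00Z GET /index.html 200"
    for minute, n in enumerate(PER_MINUTE) for _ in range(n)
]
TS_MINUTE = re.compile(r"^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2})")

def requests_per_minute(lines):
    """Bucket log lines by minute; return counts in chronological order."""
    buckets = Counter()
    for line in lines:
        m = TS_MINUTE.match(line)
        if m:
            buckets[m.group(1)] += 1
    return [buckets[k] for k in sorted(buckets)]

def slope(values):
    """Least-squares slope: change in requests/minute for each minute elapsed."""
    n = len(values)
    mean_x, mean_y = (n - 1) / 2, sum(values) / n
    num = sum((x - mean_x) * (y - mean_y) for x, y in enumerate(values))
    den = sum((x - mean_x) ** 2 for x in range(n))
    return num / den

def minutes_to_capacity(counts, capacity, window=5):
    """Project the recent trend forward; None means traffic is flat or falling."""
    recent = counts[-window:]
    if recent[-1] >= capacity:
        return 0.0
    s = slope(recent)
    return (capacity - recent[-1]) / s if s > 0 else None

def check(counts, capacity, spike_factor=2.0, horizon=15):
    """Compare a spike-only alert with a trend-based one (thresholds assumed)."""
    baseline = sum(counts[:4]) / 4  # assumes the first four minutes are normal load
    eta = minutes_to_capacity(counts, capacity)
    return {
        "spike_alert": counts[-1] >= spike_factor * baseline,
        "trend_alert": eta is not None and eta <= horizon,
        "eta_minutes": eta,
    }

if __name__ == "__main__":
    print(check(requests_per_minute(SAMPLE_LOG), capacity=1000))
```

On the sample data the spike check stays silent because traffic never doubles, while the trend check reports roughly eight minutes until the assumed capacity is reached.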