Why IPS Devices and Firewalls Fail to Stop DDoS Threats

Add Your Comments

Cloud computing and the growing usage of the Internet has placed even greater demands on a corporate data center. Now, organizations are relying more and more on their IT infrastructure to be the mechanism to drive growth and enable agility. Because of this focus on the data center, concerns around security have continued to grow as well. As a result, the growing scale and frequency of distributed denial of service (DDoS) attacks are taking a toll on these businesses.

The creativity in attacks has evolved with the growth in data center utilization. Where “volumetric” attacks were common, now organizations have to deal with advanced application-layer attacks. Furthermore, they are seeing greater amounts of attack-based data being thrown at an organization. The challenge now becomes understanding how modern security system interact with DDoS attacks.

IPS devices, firewalls and other security products are essential elements of a layered-defense strategy, but they are designed to solve security problems that are fundamentally different from dedicated DDoS detection and mitigation products. When analyzing the structure and impact of a DDoS attack, administrators must understand that their current security infrastructure may not necessarily protect them against a denial of service attack. This is where working with Intelligent DDoS Mitigation Systems is a must. IDMS solutions are placed within a data center to help prevent both volumetric and application-layer attacks. Arbor Networks outlines the key features of IDMS and how they can benefit an organization. These features include:

• Stateless
• Inline and Out-of-Band Deployment Options
• Scalable DDoS Mitigation
• Ability to Stop “Distributed” DoS Attacks
• Multiple Attack Countermeasures
• Comprehensive Reporting
• Industry Track Record and Enterprise

Download this white paper to see where current security devices fall short and how a DDoS attack can actually maneuver around modern firewalls and IPS solutions. By securing both internal and external data center components, security administrators create a logical layered defense strategy. By doing so, managers are able to be proactive against attacks and help prevent data loss, unwanted intrusions, and increase uptime.

About the Author

Kevin Normandeau, is a veteran of the technology publishing industry having worked at a variety of technology sites including PC World; AOL Computing; Network World; Geek.com and International Data Group (IDG). Kevin lives in Massachusetts with his wife and two sons. When he is not in front of the computer (which is most of the time) he likes to get out to ski, hike and mountain bike.

Add Your Comments

  • (will not be published)