Can IPS Devices and Firewalls Stop DDoS Threats?

Cloud computing and the growing usage of the Internet has placed even greater demands on a corporate data center. Now, organizations are relying more and more on their IT infrastructure to be the mechanism to drive growth and enable agility. Because of this focus on the data center, concerns around security have continued to grow as well. As a result, the growing scale and frequency of distributed denial of service (DDoS) attacks are taking a toll on these businesses.

The creativity in attacks has evolved with the growth in data center utilization. Where “volumetric” attacks were common, now organizations have to deal with advanced application-layer attacks. Furthermore, they are seeing greater amounts of attack-based data being thrown at an organization. The challenge now becomes understanding how modern security system interact with DDoS attacks.

IPS devices, firewalls and other security products are essential elements of a layered-defense strategy, but they are designed to solve security problems that are fundamentally different from dedicated DDoS detection and mitigation products. When analyzing the structure and impact of a DDoS attack, administrators must understand that their current security infrastructure may not necessarily protect them against a denial of service attack. This is where working with Intelligent DDoS Mitigation Systems is a must. IDMS solutions are placed within a data center to help prevent both volumetric and application-layer attacks. Arbor Networks outlines the key features of IDMS and how they can benefit an organization. These features include:

  • Stateless
  • Inline and Out-of-Band Deployment Options
  • Scalable DDoS Mitigation
  • Ability to Stop “Distributed” DoS Attacks
  • Multiple Attack Countermeasures
  • Comprehensive Reporting
  • Industry Track Record and Enterprise

Download this white paper from Arbor Networks to see where current security devices fall short and how a DDoS attack can actually maneuver around modern firewalls and IPS solutions. By securing both internal and external data center components, security administrators create a logical layered defense strategy. By doing so, managers are able to be proactive against attacks and help prevent data loss, unwanted intrusions, and increase uptime.

Get Daily Email News from DCK!
Subscribe now and get our special report, "The World's Most Unique Data Centers."

Enter your email to receive messages about offerings by Penton, its brands, affiliates and/or third-party partners, consistent with Penton's Privacy Policy.

About the Author

Bill Kleyman is a veteran, enthusiastic technologist with experience in data center design, management and deployment. His architecture work includes virtualization and cloud deployments as well as business network design and implementation. Currently, Bill works as the Vice President of Strategy and Innovation at MTM Technologies, a Stamford, CT based consulting firm.

Add Your Comments

  • (will not be published)