Why IPS Devices and Firewalls Fail to Stop DDoS Threats

Kevin Normandeau

February 21, 2013

2 Min Read
Data Center Knowledge logo

Cloud computing and the growing usage of the Internet has placed even greater demands on a corporate data center. Now, organizations are relying more and more on their IT infrastructure to be the mechanism to drive growth and enable agility. Because of this focus on the data center, concerns around security have continued to grow as well. As a result, the growing scale and frequency of distributed denial of service (DDoS) attacks are taking a toll on these businesses.

The creativity in attacks has evolved with the growth in data center utilization. Where “volumetric” attacks were common, now organizations have to deal with advanced application-layer attacks. Furthermore, they are seeing greater amounts of attack-based data being thrown at an organization. The challenge now becomes understanding how modern security system interact with DDoS attacks.

IPS devices, firewalls and other security products are essential elements of a layered-defense strategy, but they are designed to solve security problems that are fundamentally different from dedicated DDoS detection and mitigation products. When analyzing the structure and impact of a DDoS attack, administrators must understand that their current security infrastructure may not necessarily protect them against a denial of service attack. This is where working with Intelligent DDoS Mitigation Systems is a must. IDMS solutions are placed within a data center to help prevent both volumetric and application-layer attacks. Arbor Networks outlines the key features of IDMS and how they can benefit an organization. These features include:

• Stateless
• Inline and Out-of-Band Deployment Options
• Scalable DDoS Mitigation
• Ability to Stop “Distributed” DoS Attacks
• Multiple Attack Countermeasures
• Comprehensive Reporting
• Industry Track Record and Enterprise

Download this white paper to see where current security devices fall short and how a DDoS attack can actually maneuver around modern firewalls and IPS solutions. By securing both internal and external data center components, security administrators create a logical layered defense strategy. By doing so, managers are able to be proactive against attacks and help prevent data loss, unwanted intrusions, and increase uptime.

Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.

You May Also Like