Home / Industry

4 Minutes Vs. 4 Hours: A Responder Explains Emergency DDoS Mitigation

Neustar’s professional DDoS responders (Security Operations Center) are on the frontlines when businesses get attacked. In the 2014 Neustar Annual DDoS Attacks and Impact Report, one team member described common DDoS mitigation scenarios. Below are some excerpts from the report.

* * *

When a business makes a DDoS “911” call to you, what typically happens?

“Many companies still wait to get attacked before deploying protection, so they have to decide on the spot: are we purchasing a solution, and if so from whom? It’s a big decision to have to make on the fly, which compounds the anxiety of being under attack.”

How long does it take to begin DDoS mitigation?

“If you already have an always-on appliance-based solution in place, you’re already mitigating. However, these appliances max out at some point, so if an attack becomes large you might call a provider for cloud failover. If you already have a cloud solution your provider should help launch mitigation in under five minutes. If you have no solution in place, it can easily take four hours to provision your defenses.”

What are the basic “first responder” steps?

“First responders examine any alerts or notifications. Then we analyze your traffic step by step. Once the analysis is clear, we can determine the type of attack and use precise countermeasures. If you’re an existing customer with a protection provider, they have baseline data on your traffic. They’re able to compare attack traffic to everyday traffic, which is extremely useful in crafting the response.”

Any advice for businesses who still want to go it alone?

“It’s smart to ‘know your normal.’ What does your traffic usually look like? Knowing this will help you identify and mitigate attacks faster.”

For more tips and insights on DDoS responses, view the full report.

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By GoDaddy Registry, World-Leading Provider of Domain Name Registry Services

GoDaddy Registry (formerly Neustar Registry) is one of the world’s largest and leading domain name registry providers. We operate top-level domains (TLDs) on behalf of sovereign nations, city governments, global brands and domain registries so that people worldwide can bring their ideas to life online.

Visit Page

Filed Under

Comments

Commenting is not available in this channel entry.
CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Threat Intelligence

Sponsored byWhoisXML API

IPv4 Markets

Sponsored byIPv4.Global

DNS

Sponsored byDNIB.com

New TLDs

Sponsored byRadix

Domain Names

Sponsored byVerisign

Cybersecurity

Sponsored byVerisign

Brand Protection

Sponsored byCSC