www.prolexic.com | Ecommerce and retail businesses can lose thousand - or even millions - of dollars when their websites go dark due to DDoS attacks. With so much at stake, they have strong opinions on DDoS protection needs. This report shares some of their opinions on various DDoS protection options, as captured in a recent Prolexic survey.

1. DDoS Protection Services:
What Really Matters to e-Commerce Companies
Prolexic recently released the results of a survey of global e-Commerce companies. The
participants were asked about DDoS protection and their views of the effectiveness of different
types of DDoS mitigation services.Some of their responses might surprise you.
A cross-section of retail companies with e-Commerce websites participated in the survey,
spanning many business sectors, including consumer electronics, healthcare, online payment
processing, fashion and apparel, toys and gifts, heating and plumbing, and software-as-a-service.
The respondents, a statistically significant subset of Prolexic customers, included online retailers
from the United States, Europe and Asia.
Results showed a nearly unanimous belief among respondents that their company websites were
at mid-to-high risk of being targeted by DDoS attacks over the next 12 months. Because of the
perceived high risk to their businesses, these companies have likely spent more time and
resources in choosing the right DDoS mitigation service provider than most e-Commerce
companies.
Most respondentssaid DDoS mitigation services from Internet service providers (ISPs) and
content delivery networks (CDNs) were ineffective in providing the level of protection their
companies require and expect. In fact, they see these two types of DDoS mitigation service
providers as the least effective type ofDDoS protection services. ISPs and CDNs were said to be
especially ineffective against direct-to-origin DDoS attacks and application-layer attacks.
Let’s look at the numbers. The least effective type of DDoS mitigation solution was CDNs,
according to 58 percent of respondents. What’s more, no respondents ranked CDNs as the most
effective type of DDoS mitigation service. Next comes ISPs, which were ranked as least effective for
mitigating DDoS attacks by 42 percent of respondents, while 8 percent said ISPs were the most
effective.On-site DDoS mitigation appliances were ranked as the least effective by 33 percent of
respondents, and no respondents ranked appliances as most effective.
What came through loud and clear in the analysis was that survey participantsclearlypreferred a
mature,DDoS mitigation service provider focused on DDoS mitigation, like Prolexic – not an ISP or
CDN that tries to do DDoS mitigation at the same time it’s focused on another line of business.
These e-Commerce firms said it was important for a DDoS mitigation service to have proven
competence and DDoS mitigation capabilities that can scale to stop the largest DDoS attacks on the
Internet, with low false positives, and the fastest mitigation backed by a service level agreement
1

2. (SLA). In other words, they want a DDoS mitigation service provider that can do what it has
promised – and will back up its promise with a written guarantee, an SLA.
They also want a mitigation provider with a proven track record of ensuring the client’s site
availability and business continuity during a DDoS attack. A site that runs slowly so slowly as to
cause customers to give up and go elsewhere or that crashes entirely isn’t going to be to an eretailer.
Another point identified by the analysis is that e-Commerce companies want network protection
for all their IP addresses with a single DDoS mitigation solution. They don’t want to have to
manage add-on services from multiple ISPs or CDNs. Instead, they want a total-protection
provider that sits in front of all IPs and carriers and provides routed protection against all avenues
of attacks.
Register to read the full industry report, including specific customer comments. You can download
DDoS Protection Services: What Really Matters to e-Commerce Companies, a Survey of
Prolexicatwww.prolexic.com/ecommerce-report.
In this industry report, you’ll learn:
e-Commerce firms’ perceptions of their DDoS attack risk
The top three must-have capabilities that Prolexic customers look for in a DDoS protection
provider
Why content delivery networks (CDNs) and Internet service providers (ISPs) were said to
be the least effective DDoS protection services
The respondents’ views of the relative importance of site availability, protection from nonDDoS attack vectors, site responsiveness, PCI compliance and more
A sample of the survey
In addition, Prolexic has also made available an e-commerce white paper, Safeguarding eCommerce Revenues from DDoS Attacks in Q4 at www.prolexic.com/safeguarding, and an eCommerce DDoS protection infographic.
About Prolexic
Prolexic Technologies is the world’s largest and most trusted provider of DDoS protection and
mitigation services. Learn more at www.prolexic.com.
2