Planning for and Validating a DDoS Defense Strategy
1Planning for and Validating a DDoS Defense StrategyDistributed Denial of Service (DDoS) attacks can target any business on the Internet. Smartorganizations are taking proactive steps to build a defense against this threat as they becomebetter informed about the damage that site downtime can cause in terms of lost revenue andcustomer dissatisfaction.When an attack hits, panic can prevail. Seconds count in DDoS mitigation and the faster themitigation service is deployed, the shorter the site downtime. And if there is no mitigation servicein place, several days of downtime can be expected. Unfortunately, it’s not a matter of if, butwhen a website will be hit with a DDoS attack.Organizations that create a formal DDoS mitigation response plan have been most successful ineliminating the panic around DDoS. However, a DDoS response plan on paper – or a promisefrom a vendor – is not any guarantee that the mitigation service will work as expected.Unfortunately, the first real test of a company’s DDoS mitigation service is when a distributeddenial of service attack actually occurs.Best Practices for DDoS Mitigation Service Testing and ValidationWith the DDoS mitigation service active, verify that all applications are performing properlyVerify that all routing and DNS is workingGenerate a few gigabits of controlled traffic to validate the alerting, activation and mitigationfeatures of the serviceTest small levels of traffic without scrubbing and without any DDoS protection to validatethat your on-premise monitoring systems are functioning correctly. This action will also helpyou identify the stress points on your network.Conduct baseline testing and calibrate systems to remediate vulnerabilitiesSchedule validation tests on a regular basis with your DDoS mitigation service providerDevelop a DDoS mitigation playbook to ensure that everyone in the organization knowswhat to do and what to expect when a distributed denial of service DDoS attack hits
2How to PrepareWinning sports teams don’t ad lib or panic on the field when the opposing team launches asurprise offensive play. They have a well-rehearsed playbook with defensive moves that havebeen developed based on expertise and experience. A similar type of playbook can be essentialto a controlled, streamlined response to a DDoS attack.IT management should talk to their DDoS mitigation services provider before an attackhappens. Ask questions and discuss all of the possible DDoS scenarios and threats that thecompany could experience.Test and validate your DDoS monitoring and mitigation services, how they affect your networkwhen activated, and how effective they are against defending against cyber attacks. Moreimportantly, having a strong operational plan for smooth activation and communication shouldbe an integral part of an organization’s response plan.Regularly evaluate the capabilities of your service provider. Any reputable DDoS mitigationservice provider should have the expertise and capacity to serve many clients simultaneously –an important factor to consider as the daily occurrences of DDoS attacks escalate.When everyone in the organization – not just IT – understands what is involved with a DDoSattack, they will be able to respond with more confidence, control and calm, knowing they havea well-practiced operations plan in place. As a result, the DDoS mitigation process will go moresmoothly for minimized downtime and a faster return to business as usual.Download our free white paperDownload Planning for and Validating Your DDoS Defense Strategy at www.prolexic.com/planning.You’ll also read:Detailed enterprise case studies that show what happened when businesses were notprepared for a DDoS attack
3Key information to include in your DDoS mitigation playbook and whyA best-practice case study of DDoS attack readinessMore details on how to validate your DDoS defenseAbout ProlexicProlexic Technologies is the world’s largest, most trusted distributed denial of service (DDoS)protection and mitigation service provider. Able to absorb the largest and most complex DDoSattacks ever launched, Prolexic protects and restores within minutes mission-critical Internet-facing infrastructures for global enterprises and government agencies. Ten of the world’s largestbanks and the leading companies in e-Commerce, SaaS, payment processing, travel,hospitality, gaming and other industries at risk for DDoS attacks rely on Prolexic for DDoSprotection. Founded in 2003 as the world’s first in-the-cloud DDoS mitigation platform, Prolexicis headquartered in Hollywood, Florida, and has DDoS scrubbing centers located in theAmericas, Europe and Asia. To learn more about how Prolexic can stop DDoS attacks andprotect your business, please visit www.prolexic.com, call +1 (954) 620 6002 or follow@Prolexic on Twitter.