Page 160 - Cyber Defense eMagazine October 2023

distinct transactions, all of which appear legitimate. Imagine a 3 million RPS attack with 1% false
negatives. Many online assets will be unable to survive.



Protect Against Disruptive Web DDoS Tsunami Attacks

Traditional network-based DDoS protection and WAF solutions are no longer able to protect against the
new Web DDoS Tsunamis. A proper defense requires a L7, behavioral-based solution that can adapt in
real time, scale to a magnitude higher than an on-premises solution, and identify attacking requests
without blocking legitimate traffic. That detection requires decryption and deep inspection into L7 traffic
headers, which network-based DDoS protection solutions are unable to provide. At the same time, WAFs
that rely on signature-based protections are ill-equipped to deal with the randomized, dynamic
sophistication of Tsunamis.

What’s the right response? Instead of a volumetric approach that doesn’t distinguish between good and
bad traffic, the proper solution must accurately distinguish between legitimate traffic surges and malicious
attack traffic by combining behavioral-based, automated algorithms with high-scale infrastructure to
accurately respond to high-RPS Tsunami attacks. More specifically, the solution should automatically:

   •  Minimize false positives – Dedicated behavioral-based algorithms quickly and accurately detect
      and block L7 DDoS attacks without interrupting legitimate traffic.

   •  Prevent advanced threats and zero-day attacks – The solution should protect against a wide
      range of L7 DDoS threats, including smaller-scale, sophisticated attacks; new L7 attack tools and
      vectors; and large-scale, sophisticated Web DDoS Tsunami attacks.

   •  Adapt protection immediately – You want to leverage behavioral analysis and real-time
      signature generation to immediately detect HTTPS floods and continuously adapt the mitigation
      in real time to prevent downtime.

   •  Provide consistent protection – An automated, fully managed solution helps you block
      sophisticated attacks consistently across all applications and environments.

Protecting against Tsunami attacks isn’t an easy or straightforward task. Web DDoS Tsunami protection
solutions must cope with and absorb an ultra-steep increase in the incoming load, be ready to hold this
volume for diverse periods of time, and do it in an efficient and cost-effective way—all while keeping
online assets safe and available.












