Page 160 - Cyber Defense eMagazine October 2023
P. 160
distinct transactions, all of which appear legitimate. Imagine a 3 million RPS attack with 1% false
negatives. Many online assets will be unable to survive.
Protect Against Disruptive Web DDoS Tsunami Attacks
Traditional network-based DDoS protection and WAF solutions are no longer able to protect against the
new Web DDoS Tsunamis. A proper defense requires a L7, behavioral-based solution that can adapt in
real time, scale to a magnitude higher than an on-premises solution, and identify attacking requests
without blocking legitimate traffic. That detection requires decryption and deep inspection into L7 traffic
headers, which network-based DDoS protection solutions are unable to provide. At the same time, WAFs
that rely on signature-based protections are ill-equipped to deal with the randomized, dynamic
sophistication of Tsunamis.
What’s the right response? Instead of a volumetric approach that doesn’t distinguish between good and
bad traffic, the proper solution must accurately distinguish between legitimate traffic surges and malicious
attack traffic by combining behavioral-based, automated algorithms with high-scale infrastructure to
accurately respond to high-RPS Tsunami attacks. More specifically, the solution should automatically:
• Minimize false positives – Dedicated behavioral-based algorithms quickly and accurately detect
and block L7 DDoS attacks without interrupting legitimate traffic.
• Prevent advanced threats and zero-day attacks – The solution should protect against a wide
range of L7 DDoS threats, including smaller-scale, sophisticated attacks; new L7 attack tools and
vectors; and large-scale, sophisticated Web DDoS Tsunami attacks.
• Adapt protection immediately – You want to leverage behavioral analysis and real-time
signature generation to immediately detect HTTPS floods and continuously adapt the mitigation
in real-time to prevent downtime.
• Provide consistent protection – An automated, fully managed solution helps you block
sophisticated attacks consistently across all applications and environments.
Protecting against Tsunami attacks isn’t an easy or straightforward task. Web DDoS Tsunami protection
solutions must cope with and absorb an ultra-steep increase in the incoming load, be ready to hold this
volume for diverse periods of time, and do it in an efficient and cost-effective way—all while keeping
online assets safe and available.
Cyber Defense eMagazine – October 2023 Edition 160
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.