[SECURITY] Application layer attacks/DDoS attacks
Hello there,

As a reaction to the increasing demand -from enterprises- for DDoS protection services, a fierce competition between vendors is about to start in this playground, big upfront investments started to happen in the tier one, tier two and tier three ISPs, IMHO this will have its aggressive effect on the volume of the DDoS attacks, and will eventually steer the mindset of the enterprises towards hosting the most critical applications/services in a well geographically-dispersed cloud and increasing the surface area using anycast then relatively decreasing the attack volume.

Back to the DDoS protection, most anti-DDoS vendors are marketing their products as application layer attack DDoS defense, I am a little bit confused; aren't the "application firewalls" -either integrated in a "NGFW or a UTM"- the ones responsible for mitigating application layer attacks?

Thanks,
Ramy
Too many pieces to answer on a weekend on NANOG, but those of us that work in the DDoS space the last number of years have seen huge growth in the application layer attacks. This does not mean a decrease in volumetric attack, just that now you have to worry about both and lots of each. FWs, while they have got better, are still not the solution for many reasons. Moving things to the "cloud" helps in some cases but not all. This is an arms race, the better we get at protecting the better the "bad guys" get at attacking.

-jim

On Sat, May 23, 2015 at 9:56 AM, Ramy Hashish <ramy.ihashish@gmail.com> wrote:
> Hello there,
>
> As a reaction to the increasing demand -from enterprises- for DDoS protection services, a fierce competition between vendors is about to start in this playground, big upfront investments started to happen in the tier one, tier two and tier three ISPs, IMHO this will have its aggressive effect on the volume of the DDoS attacks, and will eventually steer the mindset of the enterprises towards hosting the most critical applications/services in a well geographically-dispersed cloud and increasing the surface area using anycast then relatively decreasing the attack volume.
>
> Back to the DDoS protection, most anti-DDoS vendors are marketing their products as application layer attack DDoS defense, I am a little bit confused; aren't the "application firewalls" -either integrated in a "NGFW or a UTM"- the ones responsible for mitigating application layer attacks?
>
> Thanks,
> Ramy
Just to ask, what is the expected effect on DDoS attacks if folks implemented BCP38? How does the cost of implementing BCP38 compare to the cost of other solution attempts?

H
On 23 May 2015, at 19:56, Ramy Hashish wrote:
> I am a little bit confused; aren't the "application firewalls" -either integrated in a "NGFW or a UTM"- the ones responsible for mitigating application layer attacks?
<https://app.box.com/s/a3oqqlgwe15j8svojvzl>

<https://app.box.com/s/4h2l6f4m8is6jnwk28cg>

-----------------------------------
Roland Dobbins <rdobbins@arbor.net>
participants (4)
- Harlan Stenn
- jim deleskie
- Ramy Hashish
- Roland Dobbins