DDoS attacks are becoming a common problem. How can you protect your business from them?

DDoS cyber-attacks became a common threat a while ago. What changes is that they are becoming more and more sophisticated. Currently, such an attack can be ordered by anyone, as neither availability nor price is an obstacle any longer. This is one of the most commonly used ways of blocking a website or a system. How can you protect yourself from it?

For a company providing its services online, business losses caused by overloaded servers or access links are far more than just the inability to provide customer support during the attack. They also include loss of trust, financial losses and damaged reputation, as well as potential internal conflicts within the organization. Protection against DDoS attacks has become as important as protecting IT assets against hackers and malware.

Unfortunately, companies in Poland rarely realize the scale of damages they can potentially incur due to cyber-attacks, and they tend to have insufficient safeguards against such threats.

The specific nature of DDoS attacks results in the need for advanced protection mechanisms required to protect your business from such threats. Traditional protection systems quite often have difficulties differentiating these attacks from regular traffic. The goal of such an attack is to saturate the client's resources, e.g. Internet links. To be able to protect resources from such attacks, it is necessary to properly identify and stop them on the level of your IT operator's infrastructure, who can intercept and neutralize the traffic that might be potentially dangerous for an end-client. All these conditions are met by the ATMAN AntiDDoS service from ATM S.A., says Robert Paszkiewicz, Head of Marketing and Business Development, ATM S.A.

Efficient Protection

In order to protect clients' resources against known, unknown, and evolving volumetric attacks, including DoS and DDoS attacks, ATM S.A. created the ATMAN AntiDDoS solution. Its characteristic features include automatic operation and elimination of the human factor, as well as very fast response times (crucial in case of DDoS attacks): threats are identified and neutralized in just a few seconds.

The basic model of the ATMAN AntiDDoS service consists of two protective devices installed on the client's link: a Sensor and a Filter. These two devices, together with the installed monitoring software, are dedicated exclusively to a particular client. Clients gain access to a complex yet intuitive administration panel delivered in the form of a web app, which can be used to monitor and easily set up the parameters of the solution.

How It Works

The system identifies subnetworks to be monitored. After an initial analysis, volumetric thresholds are defined (e.g. TCP 60 Mbps, 10 kpps), and when they are exceeded, a so-called Anomaly is detected. Each subnetwork and each addressee can have different Threshold and Response templates assigned to them.

The Sensor's task is to analyze in real time the entire production traffic running through the client's Internet link. If the Sensor detects that the protection triggering thresholds were exceeded, the entire traffic to the attacked host is redirected from the backbone router to the Filter. In just a few seconds the filtered traffic is analyzed (rules can be defined in the administration panel). It is then sent back to the client via a separate return channel, a so-called separate VLAN.

The main advantages of an infrastructure configured this way are, among others, continued operations on the primary link of the addresses that weren't attacked, and zero influence of possible AntiDDoS solution downtimes on the unrestricted Internet access service, explains Robert Paszkiewicz.
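The threshold check and per-host diversion described under "How It Works", as an added example that is not ATM S.A.'s code: it shows why a packet-rate (kpps) limit is kept beside the bandwidth (Mbps) limit, and that only the host in Anomaly is sent to the Filter. The subnets, the UDP and second-subnet limits, the counters and all function names are assumptions made for illustration; only the TCP 60 Mbps / 10 kpps pair comes from the text.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed Threshold templates per monitored subnet: proto -> (Mbps, kpps).
# The TCP limits of the first subnet are the article's example values.
TEMPLATES = {
    ip_network("203.0.113.0/24"): {"TCP": (60, 10), "UDP": (20, 5)},
    ip_network("198.51.100.0/24"): {"TCP": (200, 40)},
}

# Constructed flow counters for one 1-second window: (dst, proto, packets, bytes).
SAMPLE = [
    ("203.0.113.10", "TCP", 9000, 540_000),    # many small packets ...
    ("203.0.113.10", "TCP", 9000, 540_000),    # ... 18 kpps but only 8.64 Mbps
    ("203.0.113.20", "TCP", 4000, 5_000_000),  # 40 Mbps, 4 kpps: within limits
    ("198.51.100.5", "TCP", 12000, 9_000_000), # 72 Mbps, 12 kpps: looser template
    ("192.0.2.1", "TCP", 50000, 50_000_000),   # not in a monitored subnet
]

def detect_anomalies(records, templates=TEMPLATES, window_s=1.0):
    """Return {dst: [(proto, metric, observed, limit), ...]} for hosts over a threshold."""
    totals = defaultdict(lambda: [0, 0])
    for dst, proto, pkts, nbytes in records:
        totals[(dst, proto)][0] += pkts
        totals[(dst, proto)][1] += nbytes
    anomalies = defaultdict(list)
    for (dst, proto), (pkts, nbytes) in totals.items():
        nets = [n for n in templates if ip_address(dst) in n]
        if not nets:
            continue  # traffic to unmonitored space is not evaluated
        limits = templates[max(nets, key=lambda n: n.prefixlen)].get(proto)
        if limits is None:
            continue  # no threshold defined for this protocol
        mbps = nbytes * 8 / 1e6 / window_s
        kpps = pkts / 1e3 / window_s
        if mbps > limits[0]:
            anomalies[dst].append((proto, "Mbps", mbps, limits[0]))
        if kpps > limits[1]:
            anomalies[dst].append((proto, "kpps", kpps, limits[1]))
    return dict(anomalies)

def path_for(dst, anomalies):
    """Only hosts in Anomaly are diverted; everything else stays on the primary link."""
    return "filter" if dst in anomalies else "primary link"

if __name__ == "__main__":
    found = detect_anomalies(SAMPLE)
    for host in sorted({r[0] for r in SAMPLE}):
        print(host, path_for(host, found), found.get(host, []))
```

The first host stays far below 60 Mbps and is flagged on packet rate alone, which is the case a bandwidth-only threshold would miss.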

