Today’s DDoS Attacks Require Multi-Layered Protection

Modern DDoS attacks target networks, services, applications and infrastructure—often at the same time—through a multi-layered attack strategy. These attacks combine low-bandwidth attacks that bring down key applications with large flood or “volumetric” attacks that cripple enterprise data centers. To make matters worse, traditional perimeter defense like firewalls and IPS are often the first targets of DDoS attacks.

Application-layer and infrastructure attacks are best mitigated on premise, while volumetric attacks are best mitigated in the cloud.

Multi-layered protection is the only way to defend against today’s multi-layered DDoS attacks.

Cloud Signaling: A Faster, Automated Way to Mitigate Multi-Layered Attacks

Cloud Signaling is an efficient and integrated way of connecting on-premise and cloud-based DDoS mitigation—from a single dashboard.

With Arbor DDoS protection deployed on premise, your enterprise stays in control of the mitigation. You have complete visibility into network traffic, and can identify and mitigate application-layer attacks before they impact performance and availability. To augment on-premise protection, you can send a cloud signal by simply clicking on a drop-down menu and triggering an alert to Arbor Cloud. Or you can pre-set the signal to occur at certain levels, say when the connection is at 75% capacity.

screenshot aps cloudsignaling

Cloud Signaling in Action

Consider the following scenario. A data center engineer notices that critical services such as corporate sites, email and DNS are no longer accessible. After a root cause analysis, the company realizes that its servers are under a significant DDoS attack. The data center engineer must work with customer support centers from multiple upstream ISPs to coordinate a broad DDoS mitigation response. Simultaneously, the engineer must provide constant situational updates to management teams and application owners. To be effective, the engineer must also have the right internal tools available in front of the firewalls to stop the application-layer attack targeting the servers. All of this must be done in a high-pressure, time-sensitive environment.

This same scenario would be quite different with Cloud Signaling in place. Once the engineer discovered that the source of the problem is a DDoS attack, he or she could mitigate the attack in the cloud by triggering a cloud signal to Arbor Cloud’s mitigation infrastructure. The cloud signal would include details about the attack to increase the effectiveness of the response. This would take internal pressure off the engineer from management and application owners. It would also allow the engineer to communicate with Arbor Cloud’s security experts to give more information about the attack and fine-tune the cloud defense as needed.

Benefits of Cloud Signaling

  • Increased effectiveness of DDoS protection
  • Faster DDoS identification and mitigation
  • Reduced operational costs
  • Brand/reputation preservation