DDoS Mitigation Techniques for Your Enterprise IT Network

by Tanya Gupta Digital Strategist

DDoS attacks continue to be one of the most common attack vectors that enterprises have to counter. The range of attack methods is growing and diversifying as prebuilt toolkits, and even DDoS attack services, become more readily available.

Here are a few DDoS mitigation techniques to protect your business from the wide range of DDoS attacks:

TRAFFIC RATE LIMITING

Too much traffic can flood a server. Rate limiting controls the amount of incoming and outgoing traffic to or from a network.

It is enforced by setting a traffic threshold so that only the desired bandwidth of traffic is allowed.

  • Prevents volumetric, protocol and resource attacks
  • Network- and application-level enforcement

 

AGGRESSIVE AGING

When idle connections fill up the connection tables in servers, aggressive aging can provide some relief.

Aggressive aging causes idle or half-open inbound and outbound connections to time out much sooner.

  • Prevents open-connection and slow-connection attacks
  • Prevents idle connections from filling up the connection tables in servers
  • Much earlier timeouts for inbound and outbound connections
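
The effect of aggressive aging on a full connection table, as an added example that is not part of the original article. The timeout values, the 80% high watermark and the `ConnTable` class are assumptions chosen for illustration, and the addresses are constructed sample data.

```python
from dataclasses import dataclass

# Assumed idle timeouts in seconds; real devices expose their own settings.
NORMAL = {"half_open": 30.0, "established": 300.0}
AGGRESSIVE = {"half_open": 3.0, "established": 30.0}

@dataclass
class Conn:
    state: str        # "half_open" or "established"
    last_seen: float  # time of the last packet on this connection

class ConnTable:
    def __init__(self, capacity, high_watermark=0.8, aggressive=True):
        self.capacity = capacity
        self.high = high_watermark
        self.aggressive = aggressive
        self.conns = {}

    def _timeouts(self):
        # Use the short timeouts only while the table is under pressure.
        under_pressure = len(self.conns) >= self.high * self.capacity
        return AGGRESSIVE if (self.aggressive and under_pressure) else NORMAL

    def sweep(self, now):
        """Evict connections idle longer than the timeout for their state."""
        limits = self._timeouts()
        stale = [k for k, c in self.conns.items()
                 if now - c.last_seen > limits[c.state]]
        for k in stale:
            del self.conns[k]
        return len(stale)

    def open(self, key, now, state="half_open"):
        """Admit a new connection; returns False when the table is full."""
        self.sweep(now)
        if len(self.conns) >= self.capacity:
            return False
        self.conns[key] = Conn(state, now)
        return True

    def touch(self, key, now, state="established"):
        """Record traffic on an existing connection, e.g. a completed handshake."""
        if key in self.conns:
            self.conns[key] = Conn(state, now)

def simulate(aggressive):
    """Constructed scenario: 100 half-open entries at t=0, one new client at t=10."""
    table = ConnTable(capacity=100, aggressive=aggressive)
    for i in range(100):
        table.open(("198.51.100.%d" % i, 40000 + i), now=0.0)
    return table.open(("203.0.113.7", 51000), now=10.0)
```

With normal timeouts the table is still full at t=10 and the new client is refused; with aggressive aging the stale half-open entries are evicted first, while connections that keep sending traffic stay in the table.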

 

TRAFFIC SHAPING

Traffic shaping is used to optimize network performance and improve latency. This practice involves delaying the flow of packets that are classified as less important than those of the prioritized traffic streams.

  • Optimizes network performance
  • Prevents false positives

Example: In a corporate environment, business-related traffic may be given priority over other traffic.


 

DEEP PACKET INSPECTION

Deep Packet Inspection is used to look within the application payload of a packet or traffic stream and make decisions based on the content of that payload.

  • Looks within the application payload of the packet
  • Accurate detection of malicious packets
  • Serves real-time network monitoring
  • Enhances the capability of ISPs to prevent the exploitation of IoT devices in DDoS attacks

 

ANOMALY DETECTION

Anomaly detection is used to identify unusual traffic patterns that do not conform to expected behavior. Detecting malicious traffic in this way also protects against zero-day attacks.

  • Enables a quick response for attack mitigation
  • Accurately detects abnormal traffic behavior
  • Prevents zero-day DDoS attacks

 

BLACKLISTING / WHITELISTING

Blacklisting / whitelisting allows you to block or accept inbound or outbound traffic to prevent flood attacks coming from multiple IP resources. Greylisting, in turn, is used to present a challenge to an accessing IP.

  • Filters legitimate/malicious incoming requests coming from any geographical region
  • Ensures compliance with regulatory regimes
  • Prevents inbound and outbound flood attacks from multiple IP resources

Created on Sep 17th 2018 02:04. Viewed 385 times.