DDoS attacks are Distributed Denial of Service attacks. As the name suggests they are when multiple devices flood a network with traffic. This cripples it and forces it to deny service to legitimate users.
DDoS attacks are a serious hazard, particularly given the growing use of online services. It, therefore, makes sense to look at DDoS mitigation service providers. Here is a quick guide on what you need to think about when choosing one.
As with most forms of managed IT services, DDoS mitigation service providers come in various forms. Some are specialists in particular types of DDoS attacks (e.g. attacks at the application layer). Others are generalists who can handle all kinds of DDoS-related issues.
Specialist DDoS mitigation service providers can be useful if you just need to supplement in-house resources. If, however, you want your DDoS mitigation service provider to handle all aspects of DDoS mitigation for you, then you need a generalist.
Another benefit of going with a generalist is that it can be easier to update the type of DDoS protection you use to reflect future changes. If you go for a specialist vendor, you may have to change suppliers or hire additional suppliers in the future.
First of all, you need to think about your network’s capacity. In particular, what is its bandwidth and how many connections does it handle? Secondly, you need to think about its complexity. Lastly, you need to think about what the future is likely to hold. As far as you can tell, are there likely to be any changes that could influence the service you will need?
This exercise is particularly important for enterprises as they will have the largest and most complex networks. Even some of the larger DDoS mitigation service providers may not be up to handling them.
Similar comments apply to your traffic patterns. Firstly, you need to think about the volume of network traffic you handle. You also need to think about how this varies over the course of a business cycle. Secondly, you need to think about the nature of your traffic, particularly its complexity.
For example, if you only do business in certain areas, it may be practical for you just to block all traffic from high-risk countries. You can make specific exceptions for any relevant domains in those countries (e.g. suppliers). This can significantly reduce your vulnerability to DDoS.
If, however, you operate globally, then you will need to keep your network open to traffic from high-risk countries. This means that you will probably need a much higher level of support from your DDoS mitigation service provider.
All business networks require 24/7/365 security monitoring. This includes monitoring for DDoS attacks. In fact, this is arguably one of the most important parts of security monitoring. This is because DDoS attacks need to be stopped in their tracks if at all possible.
You need to decide what role, if any, you want your DDoS mitigation service provider to play in this. If you do want them to play a role in this, then you need to determine what sort of reporting you want from them.
In some areas of IT security, the managed service provider simply monitors the network for threats. If a threat is identified, they report the issue to their client. This is, however, not usually the case with DDoS mitigation service providers. They generally play an active, often critical, role in the incident response process.
When a DDoS attack happens, the DDoS mitigation service provider will usually perform five main functions. Firstly, they will corral all network traffic in a safe environment. Secondly, they will forward any traffic they can positively identify as safe to the network. Thirdly, they will delete any traffic they can positively identify as malicious.
Fourthly, they will work to identify the characteristics of the malicious traffic so that they can block it at its source(s). Fifthly, they will advise on what steps can be taken to prevent the attackers from striking again in the same way.
Do you want your DDoS mitigation service provider to guide you through securing your network against DDoS threats as they emerge? If so, do you want this included as part of your package or are you happy to pay for it separately?
What are your needs and expectations for day-to-day customer support (outside of incident responses)? Do you need it to be provided outside of regular working hours? Do you need it in more than one language?
In the real world, cost is going to be a factor for all businesses. The price itself matters (as does the value). The transparency of the pricing structure also matters a lot. You need to be confident that you fully understand how your billing will be calculated. Any misunderstandings here could have a serious impact on your cash flow.
Discover the DataBank Difference today:
Hybrid infrastructure solutions with boundless edge reach and a human touch.
