With DDoS attacks at epidemic level, Imperva has announced a new cloud service it claims offers a practical way to fend off the menace up to multi-gigabit level.
Built on top of infrastructure from the company’s cloud division Incapsula using Imperva’s own SecureSphere Web Application Firewall, Cloud DDoS Protection is really aimed at organisations worried about the epidemic levels of DDoS but unwilling to invest in yet another on-site security layer.
The services detects all the leading DDoS attack types on demand, including network-based attack based on SYN or UDP bombardment as well as the nuisance application-based attacks that set out to overload web and e-commerce servers.
“Hackers frequently tune DDOS attacks, and our service will help enterprises better block one of the main weapons in a hacker’s arsenal,” said Imperva CTO, Amichai Shulman. “This year we’ve seen a number of significant DDoS attacks that have caused major downtime for websites,” he added.
Security companies have a tendency to exaggerate threats, or that’s how it can sometimes seem to the buyers of security products. In the case of DDoS, however, Schulman’s pitch is backed up by plenty of evidence.
From the hacktivism of Anonymous and LulzSec to the less-discussed realm of professional DDoS for hire, this is a security threat that has turned from an occasional worry to a daily chore. Only weeks ago, the Hong Kong Stock Exchange found itself in the embarrassing position of having to issue company disclosure data using adverts in local newspapers after being hit with a professional DDoS.
The likelihood is that cloud-based DDoS protection will in time become a commodity not least because it is a simple way to protect public services such as web servers using nothing more involved that a change in DNS routing.
Enterprises pay for the service on a subscription basis depending on the capacity (1 or 2GBps) and service level they need; the lower-cost protection service comes in a standby form, the more expensive with an automatic kick-in and the ability to protect an unlimited number of web servers. Contracts run from one to three years.
In automatic mode, exactly when the service kicks in to protect a server will depend on how the traffic polices have been defined for a particular application. It’s also important not to underestimate the capacity needed to defend against DDoS – attacks often exceed the available bandwidth many times over.