menu
FlowTraq > Blog > Technology Partners and Collaborations > Hybrid DDoS Mitigation: When On-Site Scrubbing Isn’t Enough

Hybrid DDoS Mitigation: When On-Site Scrubbing Isn’t Enough

Dr. John Murphy
By | October 4, 2016


Facebooktwitterlinkedin

Denial of service attacks have become an all-too-common headache in modern network administration: whether providing local internet to home users, serving up necessary resources to your customers, or just trying to get your mission accomplished, eventually (and persistently) someone out there will think it’s a good idea to knock you or your users offline. There are solutions, such as FlowTraq, available on the market to help determine very quickly when you’re under attack, what asset is under attack, and the nature of the attack; and for getting quick notification… but what then?

Many network operators utilize on-site scrubbing appliances that will remove attack traffic and make sure you’re only moving the bits that you want to. They’re great for protecting your downstream customers, both the ones being attacked and the innocent bystanders trying to use the same pipe. The trouble is, eventually a large attack will overwhelm your own connection to the outside world, and you can’t afford to let that malicious traffic into your network at all, even just long enough to scrub it.

In such a case, many companies have turned to BGP null-route techniques: telling upstream providers to stop routing traffic to the victimized host. That solves the immediate bandwidth crisis, but rewards the attackers, who have succeeded in knocking their victim offline.

To combat the malicious traffic, companies have selected to deploy a hybrid DDoS mitigation solution. This involves utilizing off-premise scrubbing centers with a cloud-based DDoS provider to mitigate the DDoS traffic as an attractive alternative to black holing the attack traffic. The DDoS provider can be automatically alerted when the traffic volume is threatening to overwhelm your network. They will receive the incident details: which IPs are under attack, what kind of attack it is, when it started, and other information that helps their team quickly start mitigation on the malicious traffic and only send back the healthy traffic to your network. The nice thing about having that service in the wings is that it doesn’t have to be utilized for every attack: just for the traffic you can’t or don’t want to handle yourself. In addition, having an off-site DDoS mitigation available adds another valuable tool to your toolbox.

To learn more about how FlowTraq provides the operational awareness needed to manage and deploy a hybrid DDoS mitigation solution, download the solution brief: Escalating DDoS activity effectively.