The DDoS debate: Multi-layered versus single solution
by Vann Abernethy - Senior Product Manager for NSFOCUS - Monday, 9 December 2013.
). For larger-scale attacks, the traffic will need to be sent upstream. Again, this is all about planning and coordination. If a single provider is used (particularly if the devices used are from the same vendor), both on-premise and upstream, then this handoff can be automatic and seamless. If not, then there is an added level of coordination. If the mitigation capability is 100 percent off-site, the main issue becomes speed to take over the offending traffic; pre-determined routes and testing will help reduce the time it takes to engage. So, when we talk about single and multi-layer, coordination is a primary concern.

Another thing to consider when discussing multi-provider and single provider is that even the single provider can use multiple solutions in a mesh to provide coverage (or use methods such as any-casting to spread the load). The point here is that we are really talking about single coordination – having an employee or outsourced provider ensure that the attack is handled in the most effective way possible for any attack type. From there, it is just about ensuring that the mitigation capabilities are sufficient and everyone understands the plan.

If you have zero tolerance for downtime, then a combination of on-premise and off-site solutions will work best. Regardless of whether they are multi- or single provider, fast, accurate and automated initial responses are critical. If you have a low tolerance for downtime (say, under 10 minutes), then an off-site service from a single provider will get you what you need. If you can accept some downtime, then a multi-provider scenario will provide you with an acceptable alternative. In reality, your business will drive what makes the most sense.


More than 900 embedded devices share hard-coded certs, SSH host keys

SEC Consult analyzed firmware images of more than 4000 embedded devices of over 70 vendors and found that, in some cases, there are nearly half a million devices on the web using the same certificate.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Nov 26th