The DDoS debate: Multi-layered versus single solution
by Vann Abernethy - Senior Product Manager for NSFOCUS - Monday, 9 December 2013.
). For larger-scale attacks, the traffic will need to be sent upstream. Again, this is all about planning and coordination. If a single provider is used (particularly if the devices used are from the same vendor), both on-premise and upstream, then this handoff can be automatic and seamless. If not, then there is an added level of coordination. If the mitigation capability is 100 percent off-site, the main issue becomes speed to take over the offending traffic; pre-determined routes and testing will help reduce the time it takes to engage. So, when we talk about single and multi-layer, coordination is a primary concern.

Another thing to consider when discussing multi-provider and single provider is that even the single provider can use multiple solutions in a mesh to provide coverage (or use methods such as any-casting to spread the load). The point here is that we are really talking about single coordination – having an employee or outsourced provider ensure that the attack is handled in the most effective way possible for any attack type. From there, it is just about ensuring that the mitigation capabilities are sufficient and everyone understands the plan.

If you have zero tolerance for downtime, then a combination of on-premise and off-site solutions will work best. Regardless of whether they are multi- or single provider, fast, accurate and automated initial responses are critical. If you have a low tolerance for downtime (say, under 10 minutes), then an off-site service from a single provider will get you what you need. If you can accept some downtime, then a multi-provider scenario will provide you with an acceptable alternative. In reality, your business will drive what makes the most sense.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Tue, Feb 9th