Distributed Denial of Service (DDoS) attacks have made headlines in recent weeks as attacks transmitted a record-breaking amount traffic. Targeting the website KrebsOnSecurity, the malware Mirai infected Internet of Things (IoT) devices to launch a debilitating assault of at least 620 gigabits, taking the site offline.
With Mirai released to the public on October 2nd, this malware and similar botnets are sure to plague many more as they abuse the almost non-existent security of various IOT devices including printers, surveillance cameras, and routers. As new Internet standards increase the amount of traffic that can be transmitted over standard Cat5e and Cat6 cables, DDOS attacks will have more bandwidth to unleash their assault and are likely to become more prevalent. With expectations attacks may reach an unprecedented 1Tb of data, it is imperative businesses protect their environments.
DDoS attacks are a common source for extortion as they render businesses offline and demand an exorbitant ransom. Secondly, DDoS attacks serve as a method to stifle competition as botnet operators can be paid to render a competitor’s email services unresponsive, preventing the business from emailing an alternate business bid. DDoS incidents may also be used to distract IT security while executing other malicious actions within their environment. Despite the motivation, DDoS attacks are an intimidating adversary.
F5 has created the DDoS Hybrid Defender to protect your connections on all layers. This solution offers a line of defense on multiple fronts allowing the implementation of more detailed DDoS rules and policies through behavioral analytics, SSL inspection, bandwidth usage, and other statistic data collection and analysis while reducing mitigation times. The F5 DDoS Hybrid Defender stands out with its seamless and transparent capabilities.
The F5 hardware and chassis is designed to manage millions of connections at one time, preventing a client from overwhelming the network through SSL renegotiation attacks. The F5 DDoS solution inspects each user connection attempting to gain access to your website and should any one user connection attempt to establish more than five renegotiations per minute, the user will be dropped automatically using the SSL Renegotiation iRule. F5 also gives you the ability to disable SSL renegotiation should you not require a long lived secure connection. The F5 Solution can stop a DDoS attack before your network can even experience a hiccup.
Protect your business and your customers with the Hybrid F5 DDoS Protection Reference, and fight back. For more information on how F5 can secure your environment, contact your Account Executive.