Defending Against DDoS Attacks:
Strategies for the Network, Transport and Application Layers

Published March 2012

Defending Against DDoS Attacks:
Strategies for the Network, Transport and Application Layers

As DoS and DDoS denial of service attacks become more dynamic and sophisticated, blocking DDoS attacks depends upon on a strategic combination of proprietary DDoS mitigation technology tested under simulated denial of service attack conditions and the vast experience of expert human technicians who can adjust and react as attackers change their attack types.

What you’ll learn

  • What is a DDoS attack?
  • The three general categories of DDoS attacks
  • In-house measures to try to block certain common types of DDoS attacks
  • DDoS mitigation strategies and techniques

What you need to know

The complexity and scale of distributed denial of service (DDoS) attacks are increasing steadily with DDoS attackers moving up the stack to focus on the application layer rather than the network. DDoS attackers and hacktivists are effective because:

  • 90 percent of security investments are still focused on network security, even though 75 percent of DDoS attacks target the application layer
  • More than 90 percent of DDoS security vulnerabilities exist at the application layer – not the network layer

Yet without an effective mitigation strategy, the costs climb still higher.

After a DDoS attack:

  • The average loss of revenue during a Layer 7 DDoS attack is US$220,000 per hour
  • Even so, loss of reputation after a DDoS attack may be more costly to a company than the lost revenue incurred during website downtime

Contact Us