The ability of an organisation to maintain its availability and resilience in the face of an attack has become more important than ever before .
EXPERT OPINION
Fact two : Today ’ s DDoS attacks are becoming increasingly complex
At present , there are three main types of DDoS attacks :
• Volumetric attacks – Designed to flood Internet-facing circuits with illegitimate traffic , which might be easy to detect when larger . However , most volumetric attacks are under one gigabit per second in size and last for only a few minutes .
• State Exhaustion attacks – These aim to fill state tables in stateful devices , such as firewalls , VPN concentrators or load balancers , with illegitimate TCP connections . When these state tables fill , legitimate connects cease and the services behind these devices are no longer available – thus denying service .
• Application Layer attacks – These are much smaller sized , very hard to detect and will slowly exhaust resources in application servers . When these application layer resources are exhausted , the application stops .
The ability of an organisation to maintain its availability and resilience in the face of an attack has become more important than ever before .
42 www . intelligentciso . com