Distributed Denial of Service (DDoS) is a type of attack aimed at making a service—typically a server application—unavailable by overwhelming, disrupting, or exploiting its vulnerabilities.
The principle is straightforward:
Service = server application
Denial of Service = making the service unavailable
Distributed = attack executed from multiple sources simultaneously
While standard DoS attacks can be mitigated by traditional firewalls with IDS/IPS, distributed attacks quickly exceed these capabilities. If an application typically operates at ~100 Mbps throughput, DDoS traffic can spike to hundreds of Gbps—historically even reaching petabit levels. At that scale, it’s no longer about protection, but survival of the infrastructure.
Effective defense relies on rapid detection and traffic diversion away from the infrastructure—typically through scrubbing centers with sufficient capacity, which filter out malicious traffic and allow only legitimate traffic to pass. Modern DDoS attacks are not only volumetric but also exploit application-layer vulnerabilities. Therefore, it is essential to combine DDoS protection with a WAF (Web Application Firewall) and ensure visibility into encrypted traffic.
Evolving network threats require organizations to strengthen their defensive capabilities. Security managers are increasingly facing:
- Application vulnerabilities
- Authentication weaknesses
- Data theft and information leakage
- Malware propagation
- Network and application outages
- Advanced threats (e.g., trojans)
Effective protection requires a multi-layered approach and the integration of multiple security tools.
Key features of the solution
- Real-time detection and mitigation of DDoS attacks
- Automatic traffic diversion to scrubbing centers
- Network and application traffic analysis
- Protection against volumetric and application-layer attacks
- Visibility into encrypted traffic (SSL/TLS inspection)
- Integration with WAF and other security tools
Main benefits
- Ensured business continuity even during attacks
- Minimized downtime and financial impact
- Accurate detection and rapid incident response
- Reduced total cost of ownership (TCO)
- Protection of infrastructure and investments (CAPEX)
DDoS protection solutions typically include:
- IPS (Intrusion Prevention System)
- DDoS / DoS protection
- NBA (Network Behavior Analysis)
- Reputation services
- Scrubbing centers and traffic filtering
Coverage of network DDoS attacks includes:
- SYN attacks
- TCP attacks
- UDP attacks
- ICMP and IGMP attacks
- Fragmented packet attacks
- Network and port scanning
