Nemertes Issue Paper

Overview: Distributed Denial of Service (DDoS) attacks are network-based in which the attacker plants malicious code on numerous, scattered, and usually unwitting, servers or desktops. Those machines (called zombies) then flood a single IP address with packets so it is driven offline, unable to handle the volume. The attacks are devastating, extremely difficult to trace, and impossible to predict. The only defense is to use purpose-built appliances that must stay one step ahead of the attackers in both performance and functionality. There are two primary choices for enterprise defense: on-premises do-it-yourself (DIY) and cloud-based DDoS defense service. Each has pros and cons but the unique characteristics of a DDoS attack in conjunction with significant cost savings of the cloud-based service shift the decision in favor of the service.

Author(s): Ted Ritter, Senior Research Analyst

Keywords: DDoS, Cloud, Zombie, SOC

Vendors mentioned: Amazon, AT&T, CNN, EBay, Yahoo

Clients: Read this Issue Paper - Distributed Denial of Service Defense: Defending On-Premises or in the Cloud

Non-clients: Please contact us for information on obtaining access to Nemertes reports