nanog mailing list archives

Re: [SECURITY] Application layer attacks/DDoS attacks


From: jim deleskie <deleskie () gmail com>
Date: Sat, 23 May 2015 11:32:55 -0300

To many pieces to answer on a weekend on NANOG, but those of us that work
in the DDoS space the last number of years have seen huge growth in the
application layer attacks. This does not mean a decrease in volumetric
attack, just that now you have to worry about both and lots of each.  FW's
while they have got better are still not the solution for many reasons.
Moving things to the "cloud" helps in come cases but not all.  This is an
arms race, the better we protecting the better the "bad guys" get at
attacking.

-jim

On Sat, May 23, 2015 at 9:56 AM, Ramy Hashish <ramy.ihashish () gmail com>
wrote:

Hello there,

As a reaction to the increasing demand -from enterprises- over the DDoS
protection services, a fierce competition between vendors is about to start
in this playground, big upfront investments started to happen in the tier
one, tier two and tier three ISPs, IMHO this will have its aggressive
effect on the volume of the DDoS attacks, and will eventually steer the
mindset of the enterprises towards hosting the most critical
applications/services in a well geographically-dispersed cloud and
increasing the surface area using anycast then relatively decreasing the
attack volume.

Back to the DDoS protection, most anti-DDoS vendors are marketing their
products as application layer attack DDoS defense, I am little bit
confused; aren't the application firewalls" -either integrated in a "NGFW
or a UTM"- the responsible for mitigating application layer attacks?

Thanks,

Ramy



Current thread: