DDoS Prevention

As web vandalism, hacktivism, and cyber espionage reach endemic proportions, DDoS attack prevention is becoming a key information security concern for the enterprise. A distributed denial of service attack, or DDoS attack, can be devastating, costing firms millions of dollars every year in lost productivity and lost revenue from downtime and reduced site performance.

Further, considering the attacks of hacktivist groups like the Syrian Electronic Army on "soft targets", or websites targeted simply because of their vulnerability, it is clear that any organization without an effective DDoS prevention solution can become victim to a costly cyber attack.

The Difficulty of DDoS Prevention

To carry out DDoS attacks, hackers employ brute force attacks, phishing and other methods to distribute malware to personal computers and servers—building a network of remotely controlled zombie machines, or botnets. Used to generate large amounts of traffic on sites, botnets can slow down server performance, consume bandwidth and eventually render websites and services unavailable to legitimate users. Due to the distributed, volumetric nature of this type of attack, DDoS attack prevention can be difficult for enterprises lacking the capacity to absorb such a threat.

Moreover, over the past few years, DDoS prevention has become even more challenging as cyber attacks have grown not only in scale but in sophistication, bypassing traditional firewalls and taking advantage of vulnerabilities in web applications. DDoS attack vectors have shifted from the network and transport layers to the application layer as cyber criminals take advantage of layer 7 protocols for amplification purposes. As a result, hackers are able to generate large-scale attacks with fewer machines and fewer connections—connections that appear to be used legitimately—making this method of attack both efficient and stealthy.

The Cloud-Based DDoS Prevention Solution

Because of the limitations of on-premise network security tools like firewalls and intrusion prevention systems, and the doubtful cost-effectiveness of over-provisioning bandwidth to counter DDoS threats, companies that want a comprehensive, on-demand DDoS attack prevention solution are turning to cloud-based web security.

This is why more and more organizations are choosing to leverage the many capabilities of the Akamai Intelligent Platform, a globally distributed content delivery network that complies with rigorous PCI standards for data security. We offer our customers:

  • Unlimited Capacity. By offloading server functionality to our highly distributed cloud platform, your company can achieve a scalable, robust infrastructure capable of handling the spikes in traffic created by a massive DDoS attack.
  • Superior Performance. Our global platform's intelligent server load balancing and routing systems optimize traffic flow, ensuring malicious traffic never affects your site's performance and availability.
  • Always-on, Built-In Protection. Our Kona Site Defender solution absorbs application-layer DDoS attacks, deflects network-layer DDoS attacks, and incorporates a full-featured Web Application Firewall, protecting your web applications from even the stealthiest of attacks.

Discover how Akamai's Cloud Security Solutions can make effective, multi-layered DDoS prevention simple for your company.