The main purpose of this site is to provide reviews of DDOS Mitigation providers by real users.  We are here to help educate you about Denial of Service attacks and the different methods for defending against them.  Ddos attacks have been around for quite a while, but in the last few years they have become an increasing threat.  Attacks are getting larger and more sophisticated as it’s becoming a constant battle for attackers to outsmart the defenders.  Mitigation efforts are also becoming smarter and more robust with a plethora of solutions popping up in the market. Everything from hardware deployed on site, transit providers, CDN providers, dedicated ddos cloud solutions, and/or a combination of many of these.  There are advantages and disadvantages to each which we will talk about.

Why are hackers launching ddos attacks?  This is a common question that’s being asked and here are a few reasons…

Extortion –  One of the most common reasons is for extortion and this became popular a long time ago in the online gaming/gambling industry.  The gambling industry is a grey one, and attackers know how much money these companies make.  Therefore, ddos attacks took down these sites until the companies agreed to pay the criminals a lump some of money.  Essentially, these companies were held hostage.

Competition – This was probably more common in the earlier days of the Internet and it’s more speculation than anything else.  However, it’s thought that companies may want to take down their competition by either hiring criminals or doing it themselves.  This is probably less and less common these days due to how prevalent ddos attacks are and how often higher authorities are getting involved to shut these guys down.

Politics – This one happens quite often when protestors are ticked off at their government.  Government websites become the target.

Angry Customers & Employees – Yes, there are customers and employees who are angry enough to take down your website.  Treat them with care!

For fun – There are people out there that are just bored.  It makes them feel powerful if they have the ability to take your site down.  There are also students around the world that will take their school’s website down to avoid having to take an exam.

DDOS Mitigation Methods:

There are a few key components to proper mitigation.  You’ll need enough bandwidth to absorb the attack, the right hardware to handle all different types of attacks, as well the skilled personnel who know how to properly tune the network for each attack.  At the end of the day, if you try to do this all on your own, you’ll be investing several million dollars.  That’s why most companies are outsourcing ddos mitigation.  As described above, there are many different approaches to mitigating ddos attacks and we will briefly describe each and their pros and cons.

Hardware – There are plenty of hardware vendors out there that sell boxes for ddos mitigation.  These boxes are deployed in your environment and can typically sit in front or behind your router.  Depending on the hardware, they will specialize in mitigation certain types of attacks and you’ll need an expert to manage and tune the device as needed.  Keep in mind, this box is only as good as the amount of bandwidth you have to support the flood of traffic.  You may have an extremely robust piece of hardware, but if you don’t have enough bandwidth as well, it’s useless.  You also can’t just set the box up and leave it alone to do it’s thing.  You’ll need skilled and trained personnel to actively tune the box, putting in the appropriate countermeasures, etc.

ISP’s & CDN Providers – These providers are good at what they do, which is providing efficient routing and performance to your website.  They do not specialize in ddos mitigation.  This is not to say their solutions cannot be effective, but they really only offer a piece of what’s really needed for mitigation.  Their offerings exist because they already have a ton of bandwidth in place which is a big component for mitigation.  They can definitely absorb a lot of traffic, but there are a couple problems.  Attacks are more sophisticated than just large amounts of traffic, so the proper gear and personnel need to be in place as well.  The other issue is that ISP’s and CDN’s typically transfer this influx of traffic onto your monthly bill by charging you for that traffic in overage fees.

Cloud DDOS Provider – This is arguably the best approach to take for a variety of reasons.  These providers have already invested the bandwidth, hardware, and personnel to handle attacks. You will pay them a monthly fee to have access to their network and you can pretty much let them do the work.  As a customer, you’ll coordinate with their team to provision your network so it’s ready for mitigation when an attack comes your way.  They typically offer a few different methods for redirecting to their network.  You could make a simple DNS record change which points to a VIP on their network, or you could route an entire class C over to them if your routers handle BGP.  Some of the more advanced providers offer an “always under mitigation” solution, or “always-on.”  This is either done by constantly routing your traffic through their cloud, or by having a combination of a managed on-premise device plus their cloud as backup when needed.  The industry recommends the latter.  If you need to have your traffic always being scrubbed, it’s better to have a local device doing this for performance reasons.  Always sending your traffic through an external cloud can cause unnecessary latency.

For the purpose of this website, we will only be considering Cloud DDOS Providers for review.

© Copyright 2008 by DDos Providers