Detecting Distributed Denial-of-Service (DDoS) Attacks
Distributed denial-of-service (DDoS) attacks have risen in popularity with attackers over the past several years, and the size and duration of the attacks keep getting larger. Hacktivist groups around the world are launching DDoS attacks to make a political statement, while the attacks have also reportedly been used to distract corporate security staff from catching network break-ins aimed at stealing money or data. The time to prepare for a DDoS attack is not the day that one’s website goes down.
To effectively prevent large-scale DDoS attacks, organizations require not only mitigation solutions, but also network visibility tools that can make sense of the fog that rises during a denial-of-service attack. By providing continuous security monitoring across the enterprise network, Lancope’s StealthWatch System can help quickly detect both application-layer and volumetric DDoS attacks for fast incident response, helping to prevent costly service outages.
StealthWatch provides DDoS detection capabilities at the application layer with the ability to identify and alarm on slow connection floods for HTTP and HTTPS. StealthWatch also enables organizations to detect the source of volumetric DDoS attacks by alarming on unusually large traffic volumes, providing a multi-pronged approach to thwarting these rising attacks.
“StealthWatch allows us to quickly see when a DDoS attack is happening, and identify the source and destination for fast resolution,” said Michael Jordan, director of network operations for Edge Web Hosting.
StealthWatch provides organizations with:
- Layered DDoS protection
- A simplified DDoS workflow
- Small-volume, application-layer DDoS detection
- Scalable DDoS identification
- On-premise DDoS detection to augment carrier detection and provide local visibility and control
- Dashboards, analytics and reporting for early warning
- Forensic data for post-mortem analysis