eBooks

OreillyMultiCloudFinalEBOOK


Issue link: https://hub.dyn.com/i/1119883


Application-Layer DDoS Protection

DDoS attacks are a reality that any organization hosting a public-facing web application must face. DDoS attacks can be launched at any time against any organization for any reason, or no reason. Protecting against these attacks should be part of your design plan.

There are two types of DDoS attacks that we focus on in this book: application-layer DDoS attacks and network-layer DDoS attacks. As the name suggests, application-layer DDoS attacks target a specific web application or API, using up the Layer 7 (L7) resources while preventing legitimate users from accessing the services. Network-layer DDoS attacks flood the entire network with traffic, making all resources at your cloud provider unavailable, not just a specific web application or service.

Application-layer DDoS attacks are often more difficult to detect and stop because the attackers are making legitimate HTTP requests. As a result, sorting through the traffic and separating the attacker's requests from legitimate requests can be a challenge.

There are a number of ways to implement effective application-layer DDoS protection. The most common method is to use a WAF to block malicious requests before they can reach the web application itself. This requires implementing a WAF that can process a high volume of traffic without slowing down legitimate requests. It also often involves understanding the nature of each attack. The very nature of a DDoS attack means that the attack is distributed, originating from thousands or hundreds of thousands of IP addresses. The attacks can also blend in with legitimate traffic, at least at first glance. Fortunately, there are usually distinguishing features to application-layer DDoS attacks. These features allow security teams to build signatures that can be deployed to the WAF and stop that traffic without impeding the flow of legitimate traffic.
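
An added example, not taken from the book: one way to surface a distinguishing feature shared by a distributed flood whose individual sources each stay below a per-IP rate limit. The record fields, thresholds, addresses and the `constructed-flood-client/1.0` user agent are constructed assumptions.

```python
from collections import defaultdict
from urllib.parse import urlsplit

def fingerprint(rec):
    """Features a flood may share across sources: method, path, UA, header presence."""
    return (rec["method"], urlsplit(rec["url"]).path, rec["ua"],
            "accept-language" in rec["headers"])

def candidate_signatures(records, min_ips=100, min_share=0.3):
    """Fingerprints seen from many distinct IPs that also dominate total traffic."""
    ips, hits = defaultdict(set), defaultdict(int)
    for rec in records:
        fp = fingerprint(rec)
        ips[fp].add(rec["ip"])
        hits[fp] += 1
    found = [{"fingerprint": fp, "requests": n, "distinct_ips": len(ips[fp])}
             for fp, n in hits.items()
             if len(ips[fp]) >= min_ips and n / len(records) >= min_share]
    return sorted(found, key=lambda s: -s["requests"])

def max_requests_per_ip(records):
    """Highest request count of any single source: what a per-IP limit would see."""
    counts = defaultdict(int)
    for rec in records:
        counts[rec["ip"]] += 1
    return max(counts.values())

def build_sample():
    """Constructed records: 40 browser clients plus a 200-source flood on /search."""
    recs = []
    for c in range(40):  # normal clients: 5 pages each, Accept-Language present
        for page in ("/", "/products", "/search", "/cart", "/account"):
            recs.append({"ip": f"198.51.100.{c}", "method": "GET",
                         "url": f"{page}?c={c}", "ua": f"Browser/{c % 4}",
                         "headers": {"accept-language": "en"}})
    for a in range(200):  # flood: 3 requests per source, query string varies
        for k in range(3):
            recs.append({"ip": f"203.0.113.{a}", "method": "GET",
                         "url": f"/search?q=x{a}-{k}",
                         "ua": "constructed-flood-client/1.0", "headers": {}})
    return recs

if __name__ == "__main__":
    sample = build_sample()
    print("max requests from one IP:", max_requests_per_ip(sample))
    for sig in candidate_signatures(sample):
        print(sig)
```

A fingerprint reported this way is a candidate only; it should be compared against known-good traffic before it becomes a WAF rule.
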

A cloud-based WAF enables organizations to quickly deploy these protections across the entire multicloud infrastructure. If your organization does not possess the skill sets required to identify these patterns and implement protections, it might be advantageous to take a look at managed WAF services, which are available from providers who can monitor and deploy protections on your behalf.

46 | Chapter 4: Multicloud Security Use Cases
