Many organizations both misunderstand and underestimate the power and scale of today's DDoS attacks, says Darren Anstee of Arbor Networks. And these lapses may be negatively impacting enterprises' DDoS defense.
"What [the misunderstanding] can do is make us think we have solved the problem, when we really haven't," says Anstee, Arbor's Chief Security Technologist. "Many people view DDoS purely as a volumetric problem, and hence they look for solutions that are designed to deal with that problem."
But in the face of ever-strengthening, application-level attacks, as well as those launched for extortion and distraction, organizations need to treat DDoS with a defense-in-depth approach. "To get full protection against DDoS, organizations need a layered approach - a combination of a cloud or service provider service and an on-premise component," Anstee says.
In an interview about dispelling some of today's DDoS myths, Anstee discusses:
- What's most misunderstood about DDoS;
- How we often underestimate the nature and scale of attacks;
- How enterprises must tailor their DDoS defenses.
Anstee has 20 years of experience in pre-sales, consultancy and support for telecom and security solutions. As Chief Security Technologist at Arbor Networks, Darren works across the research, strategy and pre-sales aspects of Arbor's traffic monitoring, threat detection and mitigation solutions for service providers and enterprises around the world. Prior to joining Arbor, he spent over eight years working in both pre- and post-sales for core routing and switching product vendors.