onShore Security


DDOS Protection

July 17, 2018 By Josh Eklow

A question we’ve been asked recently is why an IPS isn’t sufficient to protect a financial institution (or any organization) from a DDOS attack. The explanation is quite simple once you understand what a DDOS attack is and what an IPS is and does.

Many have heard of DDOS (distributed denial of service) attacks in the news, and may even have seen the effects of such an attack at their organization. A DDOS attack is an effort by a person or group to overwhelm the target’s bandwidth with a large volume of distributed requests, meaning requests that come from multiple sources. The most important thing to understand about a DDOS attack is that it is the volume of requests, not the nature of the requests, that is to blame for any ill effects. DDOS attacks flood a target with typical, legitimate packets, but at a volume so much larger than expected that it brings the system down.

An IPS detects and prevents intrusion, typically by looking at what a user is doing, comparing that to normal use, and determining whether the exchange is anomalous. This does little, however, in the case of a DDOS, for two reasons. First, the sheer volume is overwhelming for an IPS. Second, and most importantly, the packets being sent, though they arrive at a catastrophically large volume, are legitimate packets.
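The distinction above, shown as an added example that is not part of the original post: a content check finds nothing wrong with any request and no single source stands out, while the aggregate rate reveals the flood. The signature patterns, the baseline of 20 requests per second, the 10x factor and the sample traffic are all constructed assumptions.

```python
import re
from collections import Counter

# Hypothetical stand-ins for content-based IPS rules (assumption, not a real rule set).
SIGNATURES = [re.compile(p, re.I) for p in (r"union\s+select", r"\.\./", r"<script")]

def signature_hits(requests):
    """Number of requests whose content matches a known-bad pattern."""
    return sum(1 for _, _, path in requests
               if any(s.search(path) for s in SIGNATURES))

def max_per_source_rate(requests):
    """Highest requests-per-second observed from any single source."""
    per_source = Counter((ts, src) for ts, src, _ in requests)
    return max(per_source.values(), default=0)

def flooded_seconds(requests, baseline_rps, factor=10):
    """Seconds in which total volume, across all sources, exceeds factor x baseline."""
    totals = Counter(ts for ts, _, _ in requests)
    return sorted(ts for ts, n in totals.items() if n > baseline_rps * factor)

def build_sample():
    """Constructed traffic: 5 s of normal load, then 3 s of a distributed flood.

    Each record is (second, source address, request path); addresses are made up.
    """
    reqs = []
    for ts in range(5):              # normal: 20 req/s from 10 clients
        for i in range(20):
            reqs.append((ts, f"198.51.100.{i % 10}", "/login"))
    for ts in range(5, 8):           # flood: 2000 req/s spread over 1000 sources
        for i in range(2000):
            n = i % 1000
            reqs.append((ts, f"10.{n // 250}.{n % 250}.1", "/login"))
    return reqs

if __name__ == "__main__":
    traffic = build_sample()
    print("signature hits:     ", signature_hits(traffic))
    print("max rate per source:", max_per_source_rate(traffic))
    print("flooded seconds:    ", flooded_seconds(traffic, baseline_rps=20))
```

Every request in the flood is an ordinary `/login` request at 2 requests per second per source, the same per-source rate as normal traffic, so only the total volume distinguishes the attack.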

While DDOS attacks may be used on their own to embarrass an organization or otherwise impede operation, they can also be used as a diversionary attack, distracting employees and tying up resources while a separate attack is underway, with a goal of extracting data.

To truly protect itself from a DDOS, an organization needs more bandwidth and resources than the DDOS attack. There are also ways to mitigate an attack underway. Hardware options are available and there are also cloud-based solutions. The risk and required security will be different for every business. If you have any questions about how DDOS attacks can affect your organization’s ability to operate, or would like to talk to us about protection and mitigation, give us a call at 312-850-5200.
