NTSPL Blog logo
Share

What is a DDoS Attack ?

A distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its legitimate users. In general terms, DoS attacks are implemented by either forcing the targeted computer(s) to reset, or consuming its resources so that it can no longer provide its intended service or obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.

Today’s many types of attacks fall into two main categories:

VOLUMETRIC ATTACKS

Flooding attacks. Saturates and consumes network bandwidth and infrastructure. Examples: ICMP, UDP or TCP Syn Floods.

APPLICATION LAYER ATTACKS

Harder to detect than Volumetric Attacks. Targets specific applications of services where they exhaust resources.

Examples : HTTP or DNS attacks.

Our system takes a layered approach that enables us to block both types of attacks.

Essential Protection for Your Hosting Infrastructure.

Distributed Denial of Service Attacks can have a significant impact on your company. Downtime, lost revenue and brand tarnishment just to name a few. It doesn’t matter if you are a large enterprise, small business, e-commerce company or government institution. If your website is internet facing, you’re vulnerable to Denial of Service attacks, so it is vital that you detect and stop these attacks before they impact your business.

Since 2007, NTSPL Hosting has been helping their customers detect and mitigate DDoS attacks before they impact business. Recently NTSPL Hosting partnered with world’s another dedicated hosting company Liquid Web who made a million dollar investment into a state-of-the-art DDoS protection system that will help protect our clients from nefarious activities on the internet. Our data centre’s state-of-the-art DDoS Mitigation System is comprehensive and has three critical functions: detection, mitigation and reporting.

Our DDoS Prevention has the Capability to:

  • Detect and block emerging application-layer DDoS attacks.
  • Deploy a turnkey solution to stop threats
  • Accelerate responses to DDoS attacks to prevent legitimate services from going down.
  • Prevent illegitimate botnet communications by leveraging real-time security intelligence
  • Mitigate volumetric attacks
  • Block illegitimate traffic from costing you money in bandwidth charges.

How Our DDoS Prevention Works

When a customer signs up for Liquid Web DDoS Mitigation, the customer will identify a group of IP addresses, which will be setup for detection and mitigation. A network object will be created and applied to the Analytics and Threat Detection System which will monitor all network traffic in real-time by doing statistical analysis of packets at the border layer of our network.

how-ddsworks

When the Analytics and Threat Detection System identifies an attack, the network traffic is routed to our Threat Mitigation System which is a dedicated piece of specialized hardware that will deploy countermeasures based upon the specific attack.

The countermeasures will scrub all of your network traffic at the border layer, not just web traffic like many providers, and separate legitimate from illegitimate traffic and only pass along the legitimate traffic to your server. When the attack subsides your network object will be removed from the Threat Mitigation System and traffic will begin flowing as normal. If the Analytics and Threat Detection System identifies a new threat the process will be repeated.

Advantages of Liquid Web DDoS Prevention

Other Hosting providers which do not have a comprehensive DDoS Mitigation System will not be able to adequately handle a large DoS attack that is targeting one of their customers. This will often times result in the DDoS attack having a negative effect on other customers which may utilize the same server or the same networking infrastructure.

As a result, the hosting provider will often demand that the target client be removed from the network or asked to enlist a 3rd party DDoS system which may cost thousands of dollars, require DNS changes and may result in hours or days of downtime. This is obviously not a good solution because it will result in significant downtime and loss of revenue.

In contrast, our data center’s  DoS Mitigation System can be deployed in line without the need of DNS changes and can be implemented in minutes instead of hours or days.


Share