The DDoS services market has shown significant growth over the past two years. Much of this has been driven by the marked rise in DDoS attacks and the realization that these attacks are easy to launch and are often used as a diversion for the theft of intellectual property.
Just as importantly, in the internet-driven and -connected economy, your web presence significantly influences how your customers view your organization and the products or services it provides. Security professionals considering how to justify DDoS protection for large websites should ask, “What is our connection to the internet worth?”
On-demand solutions provide defensive services only when needed.
On-demand solutions are manually or automatically started when either the customer or the vendor detects a DDoS attack. Vendors sell this mode when attack volume is low and the primary concern is application latency. the customer (or vendor acting on the customer’s behalf) uses either BGP route changes or DnS redirection to send their network traffic through the vendor’s infrastructure.
Always-on solutions don’t require routing or DNS changes.
Always-on service models have the advantage of not needing to change BGP routing or DnS records. these solutions are best when there is a high frequency of attacks. Many of the providers that offer always-on solutions indicate they have little impact on application latency. they also have an advantage in that they work well with content delivery applications, as the vendor can bundle DDoS services with content delivery services.
Hybrid solutions offer the best of both worlds.
Hybrid solutions allow security pros to use their own on-premises DDoS scrubbing and web application firewalls as a first line of defense. When these facilities become overwhelmed, the customer can redirect traffic to the vendor’s scrubbing center for additional remediation capacity.