Here is something else interesting about Denial of Service defense approaches: you cannot do it alone. Think about it: it is more profound than it sounds. You can protect from buffer overflows and SQL injections on your own. And, yes, occasionally you’d need a patch from a 3rd party (such as your software vendor), but you can usually block the the impact of an attack using other technologies even if you don’t have a patch yet.
On the other hand, if your network pipe is full, you cannot do anything [on your own] to make it not be full. No matter what you do in your environment, your connectivity is still down, whether inbound or outbound. In fact, this post exists on the nexus of my research into Denial of Service and collective analytics/ data sharing.
So, at the very least your DoS defense responsibility is shared with your Internet Service Provider (ISP). In other cases, it is shared with your cloud provider. Or, it can me shared with a Content Delivery Network (CDN) or other entity. In essence, these are the scenarios of DoS protection sharing:
- Your organization + your ISP (they can mitigate the attack when a network pipe from you to them is full; in most cases you’d need to detect it first though)
- Your organization + your cloud provider (do you realize that if you use SaaS to achieve a particular business function, such function can be denied by a) DoS’ing your network, b) DoS’ing your provider [or: DoS’ing them enough so that they drop you as a customer…] or c)DoS’ing your link to them)
- Your organization + your CDN (if you accelerate your web presence by using a CDN, they become an inherent part of your DoS defense arsenal)
- Your organization + specialty anti-DoS provider (and, yes, if your anti-DoS provider is itself DoS’d, you are ..ahem…”denied your anti-DoS service” … ironic,isn’t it?)
Thus, DoS defense requires sharing. As I pointed out, it is likely that we will be sharing more than just bandwidth for doing many security things in the coming years…
Related posts about Denial of Service:
- Availability, Security and Why is DoS Fun?
Related posts on shared defenses:
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.