We use cookies to deliver the best possible experience on our website. To learn more, visit our Privacy Policy.
By continuing to use this site, or closing this box, you consent to our use of cookies.

Blog home
Blog post

More on DoS and Shared Security

By Anton Chuvakin | May 29, 2012 | 2 Comments

securityDenial of Servicecollective

Here is something else interesting about Denial of Service defense approaches: you cannot do it alone.  Think about it: it is more profound than it sounds. You can protect from buffer overflows and SQL injections on your own.  And, yes, occasionally you’d need a patch from a 3rd party (such as your software vendor), but you can usually  block the the impact of an attack using other technologies even if you don’t have a patch yet.

On the other hand, if your network pipe is full, you cannot do anything [on your own] to make it not be full. No matter what you do in your environment, your connectivity is still down, whether inbound or outbound. In fact, this post exists on the nexus of my research into Denial of Service and collective analytics/ data sharing.

So, at the very least your DoS defense responsibility is shared with your Internet Service Provider (ISP). In other cases, it is shared with your cloud provider. Or, it can me shared with a Content Delivery Network (CDN) or other entity. In essence, these are the scenarios of DoS protection sharing:

  • Your organization + your ISP (they can mitigate the attack when a network pipe from you to them is full; in most cases you’d need to detect it first though)
  • Your organization + your cloud provider (do you realize that if you use SaaS to achieve  a particular business function, such function can be denied by a) DoS’ing your network, b) DoS’ing your provider [or: DoS’ing them enough so that they drop you as a customer…] or c)DoS’ing your link to them)
  • Your organization + your CDN (if you accelerate your web presence by using a CDN, they become an inherent part of your DoS defense arsenal)
  • Your organization + specialty anti-DoS provider (and, yes, if your anti-DoS provider is itself DoS’d, you are ..ahem…”denied your anti-DoS service” … ironic,isn’t it?)

Thus, DoS defense requires sharing. As I pointed out, it is likely that we will be sharing more than just bandwidth for doing many security things in the coming years…

Related posts about Denial of Service:

Related posts on shared defenses:

The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.

Comments are closed

2 Comments

  • security1 canberra says:

    Thank you for providing the details about Denial of Service defense approaches.

    May 30, 2012 at 10:40 am
  • Simon Iddings says:

    Its always important to protect your business. Thanks for this great informative post!

    May 30, 2012 at 12:54 pm