I work for an information technology and services company that provides customers with high-quality IT products and services to fit their needs.
I am currently researching DDoS solutions. Which is the best solution available? Which would you recommend and why?
Thanks! I appreciate your help.
This answer depends on if you are looking for Network Layer (L3/4) or Application Layer (L7).
I prefer Akamai Prolexic for the former and Imperva Cloud WAF for the latter.
@reviewer1662357 thank you for your answer. What outstands both Akamai's and Imperva's products from their competitors?
When choosing a DDoS mitigation provider you need to consider the applicability in your case.
Are you looking to protect your website or your infrastructure, your entire network (AS number and prefixes), etc.?
The solutions you can look into are:
- Web applications based – if you are looking to protect a domain or IP – but you might be asked to change your IP, and use one of the supplier’s; like Cloudflare
- Hardware appliance – if you are looking to implement an on premise solution – this would mean no added latency, but you compromise on the filtering capacity (10Gbps – 40Gbps) and it implies a high CAPEX for the hardware, plus a recurring cost for maintenance and support; like Arbor
- Software – good for local detection inside your network if you have enough upstream network connectivity, but without a datacenter scrubbing partner you compromise on your monthly costs for bandwidth, and even if the software solution is cheap you end up paying a lot for network – like Wanguard
- Scrubbing centers – if you are looking to protect your entire network/infrastructure remotely. This might offer you the most flexibility, applicability and best pricing – like Voxility
What you could consider when comparing DDoS mitigation providers is filtering capacity, how the service is connected, managed or non-managed, total cost of the service including SLA and maintenance , mitigation events included, IPs included etc.
I hope this helps. Finding the right anti-DDoS setup for you will be a burden for sure, but once you find the right one, you will sleep at night again :)
When it comes to DDoS solutions I'd recommend Imperva.
Their correlation engine makes it hard to generate false positives. They also offer Advanced Bot Protection and ThreatRadar services which are a trusted and vast crowd-sourced threat intelligence platform that arms organizations with signatures that protect web apps from malicious sources and botnets. I've worked with them and I can say their support is top-notch.
There are other very good solutions out there in the market like Cloudfare and Silverline (F5) DDoS Protection.
As we provide DDoS protection Solution, I will not be able to comment on this topic :)
DDoS protection solutions are almost all the same, the goal for a DDoS solution provider is to use the benefit of the hardware/ software you have in addition to the cloud provider you. are /will use to build YOUR solution.
The most important, before the solution is visibility, without it, you will have a lot of challenges to be able to be efficient.
DDoS Solution isn't magic, it's a lot of engineering and of course infrastructure (if you are the provider), and on the customer side, you need to know what you have to protect, and how it's working.
The challenge for us as a provider is to know what is working or not while we are mitigating on a new type of attack, and we can't do it without the customer knowing exactly his infrastructure / service / software