How to choose a сloud Anti-DDoS service

08 October 2020

Anti-DDoS service provider, part of which can potentially be generated by an attacker. The security provider processes and filters this traffic, then sends clean traffic to the customer.

Whether the customer receives his traffic well-cleaned or not, is a good question.

First off, the result of traffic cleaning depends on the professionalism of the DDoS protection provider and its filtering capabilities. Since Anti-DDoS services are very popular nowadays, there are too many providers on the market. Usually these providers do not have much knowledge and experience in DDoS mitigation. Often security services are offered, for example, by Internet service providers (ISPs). To understand exactly what their protection offers and how effective it will be, you will have to figure it out in advance.

Secondly, the quality of traffic cleaning depends on the method of connection to the Anti-DDoS service. If it is chosen wrong, an attacker can easily find a hole in the protection and continue to attack the customer with new force bypassing the filters of the Anti-DDoS service. Depending on the features of the service and its architecture, various options may be suitable - symmetric or asymmetric filtering, at the packet level or at the application level, using proxying or the BGP Protocol.

Third, a customer may (in order to save money or out of knowledge) purchase limited protection capabilities from a provider. As a result, his resources will be protected only from certain kinds of attacks, while other DDoS attacks (for example, more intelligent ones) can cause him a lot of trouble and inflict significant damage to his business.

Recommendations for choosing a DDoS protection service

  • Find out for how long and how professionally the provider has been engaged in Anti-DDoS protection and whether it specializes in these services. Study company reviews on the Internet and talk to its customers.
  • Before connecting the protection discuss with the provider what kind of services and connection methods will be effective for you.
  • Do not rush to sign a long-term contract with the security provider. First, take the service for testing and see how efficient it will be.