![[Jcount.com]](https://www.jcount.com/wp-content/uploads/2014/08/jcount150X50.png)
![[Jcount.com]](https://www.jcount.com/wp-content/uploads/2014/08/jcountstartupslogo1.png)
Over the last few years there has been no shortage of information on just how bad distributed denial of service attacks can be. No shortage of jaw-dropping statistics or price tags or cautionary tales, each dire warning fully warranted.
One would certainly be forgiven for thinking that mitigating a DDoS attack is a burdensome process where the good guys are scrambling to catch up to the bad guys, fighting to keep the damage from reaching catastrophic levels, especially since for under-protected websites and online services, that’s basically how it goes. It doesn’t have to, though. For businesses that need ‘round the clock uptime and can’t afford any of the fallout of a DDoS attack, there’s a new time to mitigation standard.
Here’s the who, what, why and how.
Countdown to catastrophe
Imperva’s DDoS protection division Incapsula is a well-known name in the DDoS fighting game, named a leader in mitigation by the Forrester Wave report and ranked number one in the strategy and current offering categories. They’ve now updated their service level agreement (SLA) to reflect a time to mitigation (TTM) of an industry-leading 10 seconds or less for both network layer and application layer DDoS attacks.
For businesses of all sizes, this is an essential response speed. While the downtime caused by a DDoS attacks is bad enough, causing frustration amongst users, outrage on social media, distrust over security concerns and a long-term loss of loyalty that can see users abandon ship for a better-protected competitor, the downtime is only part of the pain caused by a distributed denial of service attack.
Behind the scenes of a successful DDoS attack is, often, an IT staff struggling to deal with attack mitigation while trying to make sure no concurrent hacks or intrusions are taking place, communications, marketing, sales and customer service staff trying to keep customers informed on the situation, and other employees who can’t do their jobs if back-end systems and networks also went down in the attack. That isn’t even getting into the remediation phase, which can involve lengthy fixes and even replacements for hardware and software that could’ve been damaged in the attack. No wonder DDoS attack cost estimates typically land between five and six figures per hour.
Incapsula themselves abide by the ‘moments of downtime, hours of recovery’ rule of thumb, and that’s part of what prompted them to optimize their DDoS mitigation processes and technology to stop attacks before they start with that guaranteed under 10 second TTM.
Go speed racer
Incapsula can offer this level of TTM thanks to always-on deployment and upgrades to their processing capabilities and real-time information exchange.
The Incapsula Behemoth scrubbing servers are now Behemoth 2.0, fully automated scrubbers built to handle 650 million packets per second or 440 gigabits per second, enough processing power to detect any attack instantly and sample the data to create scrubbing directives that bounce bad traffic and allow legitimate traffic through unimpeded – all in a matter of milliseconds.
This processing power is bolstered by real-time synchronization servers deployed across the Incapsula network to fast-track information about the detected attack as well as scrubbing directives to every scrubbing server or proxy on the network. With a typical DDoS attack, scrubbing will commence in less than one second from the time the first attack packet reaches an Incapsula server. Incapsula gives themselves an extra nine seconds in their SLA as a buffer for atypical attacks.
A mitigation superpower
Instead of being a big dramatic deal, DDoS mitigation should essentially be invisible to the businesses that have invested in it as well as their users or customers. For everyone to go unaffected by these all too common assaults, professional DDoS protection needs to stop attacks in their tracks before a single moment of ill effects can be suffered by the intended target. For uncompromising DDoS protection, the magic number is looking a lot like 10 seconds.
